CVE-2010-3132
First published: Thu Aug 26 2010(Updated: )
Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Dreamweaver | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-3132?
CVE-2010-3132 has a moderate severity rating as it allows local users and potentially remote attackers to execute arbitrary code.
How do I fix CVE-2010-3132?
To fix CVE-2010-3132, ensure that you have installed the latest security updates and patches for Adobe Dreamweaver.
What versions of Adobe Dreamweaver are affected by CVE-2010-3132?
CVE-2010-3132 affects Adobe Dreamweaver CS5 version 11.0 build 4916, build 4909, and possibly other versions.
What types of attacks can CVE-2010-3132 facilitate?
CVE-2010-3132 can facilitate DLL hijacking attacks through the execution of Trojan horse files such as mfc90loc.dll or dwmapi.dll.
Who is at risk from CVE-2010-3132?
Local users and potentially remote attackers are at risk from the exploitation of CVE-2010-3132.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/adobe
- canonical/adobe dreamweaver
- version/adobe dreamweaver/11.0