CVE-2010-3142

critical Microsoft
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
10.3%
Exploitation probability in 30 days
Top 7% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: August 27, 2010 (5739 days ago)
Last Modified: April 29, 2026
Vendor: Microsoft
Source: NVD

Description

Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file.

CWE

NVD-CWE-Other

Affected Products

microsoft powerpoint

References

🔗 www.exploit-db.com 🔗 oval.cisecurity.org 🔗 www.exploit-db.com 🔗 oval.cisecurity.org