ByteOS Network

NVD Vulnerability Details :

CVE-2010-3914

Deferred

Source-vultures@jpcert.or.jp

Published At-03 Nov, 2010 | 13:37

Updated At-11 Apr, 2025 | 00:51

Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other versions before 7.3.46, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. NOTE: some of these details are obtained from third party information.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C

Hyperlink	Source	Resource
ftp://ftp.vim.org/pub/vim/patches/7.3/7.3.034	vultures@jpcert.or.jp	Patch
http://jvn.jp/en/jp/JVN27868039/index.html	vultures@jpcert.or.jp	Patch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000051.html	vultures@jpcert.or.jp	N/A
http://secunia.com/advisories/42084	vultures@jpcert.or.jp	Vendor Advisory
http://www.securityfocus.com/bid/44588	vultures@jpcert.or.jp	N/A
ftp://ftp.vim.org/pub/vim/patches/7.3/7.3.034	af854a3a-2127-422b-91ae-364da2661108	Patch
http://jvn.jp/en/jp/JVN27868039/index.html	af854a3a-2127-422b-91ae-364da2661108	Patch
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000051.html	af854a3a-2127-422b-91ae-364da2661108	N/A
http://secunia.com/advisories/42084	af854a3a-2127-422b-91ae-364da2661108	Vendor Advisory
http://www.securityfocus.com/bid/44588	af854a3a-2127-422b-91ae-364da2661108	N/A

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History