CVE-2010-3199

NONE
Published Sep 10, 201015y ago · Modified Jun 16, 20262w ago
Find Similar
Published Sep 10, 2010 15y ago
Last Modified Jun 16, 2026 2w ago

Description

Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-264

Affected Products 99

VendorProductVersionRange
tigristortoisesvn* ≤1.6.10
tigristortoisesvn0.1any
tigristortoisesvn0.2any
tigristortoisesvn0.3any
tigristortoisesvn0.4any
tigristortoisesvn0.5any
tigristortoisesvn0.5.1any
tigristortoisesvn0.6any
tigristortoisesvn0.6.1any
tigristortoisesvn0.7any
tigristortoisesvn0.8any
tigristortoisesvn0.8.1any
tigristortoisesvn0.9.1any
tigristortoisesvn0.9.2any
tigristortoisesvn0.10.0any
tigristortoisesvn0.11.0any
tigristortoisesvn0.11.2any
tigristortoisesvn0.12any
tigristortoisesvn0.12.1any
tigristortoisesvn0.14any
tigristortoisesvn0.15any
tigristortoisesvn0.15.1any
tigristortoisesvn0.15.2any
tigristortoisesvn0.16any
tigristortoisesvn0.17any
tigristortoisesvn0.18any
tigristortoisesvn0.19any
tigristortoisesvn0.20any
tigristortoisesvn0.20.1any
tigristortoisesvn0.20.2any
tigristortoisesvn0.21any
tigristortoisesvn0.22any
tigristortoisesvn0.23any
tigristortoisesvn0.24any
tigristortoisesvn0.25any
tigristortoisesvn0.26any
tigristortoisesvn1.0any
tigristortoisesvn1.0.1any
tigristortoisesvn1.0.2any
tigristortoisesvn1.0.3any
tigristortoisesvn1.0.4any
tigristortoisesvn1.0.5any
tigristortoisesvn1.0.6any
tigristortoisesvn1.0.7any
tigristortoisesvn1.0.8any
tigristortoisesvn1.1.0any
tigristortoisesvn1.1.0any
tigristortoisesvn1.1.0any
tigristortoisesvn1.1.1any
tigristortoisesvn1.1.2any
tigristortoisesvn1.1.3any
tigristortoisesvn1.1.4any
tigristortoisesvn1.1.5any
tigristortoisesvn1.1.6any
tigristortoisesvn1.1.7any
tigristortoisesvn1.2.0any
tigristortoisesvn1.2.1any
tigristortoisesvn1.2.2any
tigristortoisesvn1.2.3any
tigristortoisesvn1.2.4any
tigristortoisesvn1.2.5any
tigristortoisesvn1.2.6any
tigristortoisesvn1.3.0any
tigristortoisesvn1.3.1any
tigristortoisesvn1.3.2any
tigristortoisesvn1.3.3any
tigristortoisesvn1.3.4any
tigristortoisesvn1.3.5any
tigristortoisesvn1.4.0any
tigristortoisesvn1.4.0any
tigristortoisesvn1.4.1any
tigristortoisesvn1.4.2any
tigristortoisesvn1.4.3any
tigristortoisesvn1.4.4any
tigristortoisesvn1.4.5any
tigristortoisesvn1.4.6any
tigristortoisesvn1.4.7any
tigristortoisesvn1.4.8any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.0any
tigristortoisesvn1.5.1any
tigristortoisesvn1.5.2any
tigristortoisesvn1.5.3any
tigristortoisesvn1.5.4any
tigristortoisesvn1.5.5any
tigristortoisesvn1.5.6any
tigristortoisesvn1.5.7any
tigristortoisesvn1.5.8any
tigristortoisesvn1.5.9any
tigristortoisesvn1.5.10any
tigristortoisesvn1.6.0any
tigristortoisesvn1.6.3any
tigristortoisesvn1.6.4any
tigristortoisesvn1.6.5any
tigristortoisesvn1.6.6any

References 4

  • tortoisesvn.tigris.org http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163
  • tortoisesvn.tigris.org http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc
  • securityfocus.com http://www.securityfocus.com/archive/1/513442/100/0/threaded
  • securityfocus.com http://www.securityfocus.com/archive/1/513463/100/0/threaded

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.