TeamViewer File Opening Insecure Library Loading Vulnerability Network Vulnerability

Summary

This host is installed with TeamViewer and is prone to insecure library loading vulnerability.

Impact

Successful exploitation will allow attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file. Impact Level: Application.

Solution

Update to version 5.0.9104 or later, For updates refer to http://www.teamviewer.com/index.aspx

Insight

The flaw is due to the application insecurely loading certain librairies from the current working directory.

Affected

TeamViewer version 5.0.8703 and prior

References

http://secunia.com/advisories/41112
http://www.exploit-db.com/exploits/14734/
http://www.vupen.com/english/advisories/2010/2174

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3128
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Dec13 (Windows)
Adobe Air Code Execution and DoS Vulnerabilities (Windows)
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Mac OS X)
Adobe Acrobat Unspecified vulnerability

Take action and discover your vulnerabilities