CVE-2010-3143 Information

Description

Untrusted search path vulnerability in Microsoft Windows Contacts allows local users and possibly remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact .group .p7c .vcf or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.

Reference

http://www.exploit-db.com/exploits/14778/ https://exchange.xforce.ibmcloud.com/vulnerabilities/64446 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A7224