CVE-2010-3155 Information

Description

Untrusted search path vulnerability in Adobe ExtendScript Toolkit (ESTK) CS5 3.5.0.52 allows local users and possibly remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .jsx file.

Reference

http://www.exploit-db.com/exploits/14785/ http://www.vupen.com/english/advisories/2010/2213