CVE-2010-3128

TeamViewer <5.0.8703 - RCE

Title source: llm

Description

Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.

Exploits (1)

exploitdb WORKING POC

by Glafkos Charalambous · clocalwindows

https://www.exploit-db.com/exploits/14734

View Code ZIP pw:eip

References (5)

[Vendor Advisory] http://secunia.com/advisories/41112

[Exploit] http://www.exploit-db.com/exploits/14734

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2174

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/513317/100/0/threaded

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6773

Scores

EPSS 0.0221

EPSS Percentile 84.5%

Details

Status published

Products (5)

teamviewer/teamviewer 1.85

teamviewer/teamviewer 2.44

teamviewer/teamviewer 3.6.5523

teamviewer/teamviewer 4.1.8107

teamviewer/teamviewer < 5.0.8703

Published Aug 26, 2010

Tracked Since Feb 18, 2026