CVE-2010-3134

Google Earth 5.1.3535.3218 - Untrusted Search Path and DLL Hijacking via Trojan Horse quserex.dll

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3134. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in Google Earth v5.1.3535.3218 by exploiting the quserex.dll dependency. The PoC compiles a malicious DLL that displays a message box when loaded, proving arbitrary code execution.

Description

Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by LiquidWorm · clocalwindows
https://www.exploit-db.com/exploits/14790

This exploit demonstrates a DLL hijacking vulnerability in Google Earth v5.1.3535.3218 by exploiting the quserex.dll dependency. The PoC compiles a malicious DLL that displays a message box when loaded, proving arbitrary code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Google Earth v5.1.3535.3218
No auth needed
Prerequisites: Victim must open a .kmz file in a directory containing the malicious quserex.dll
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64484
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14790
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7553

Scores

EPSS 0.0386
EPSS Percentile 88.8%

Details

Status published
Products (1)
google/earth 5.1.3535.3218
Published Aug 26, 2010
Tracked Since Feb 18, 2026