CVE-2010-3134

Google Earth <5.1.3535.3218 - RCE

Title source: llm

Description

Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse quserex.dll that is located in the same folder as a .kmz file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · clocalwindows

https://www.exploit-db.com/exploits/14790

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/64484

[Exploit, Third Party Advisory] http://www.exploit-db.com/exploits/14790

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7553

Scores

EPSS 0.0147

EPSS Percentile 81.0%

Details

Status published

Products (1)

google/earth 5.1.3535.3218

Published Aug 26, 2010

Tracked Since Feb 18, 2026