CVE-2010-3140

Microsoft Windows Internet Communication Settings - RCE

Title source: llm

Description

Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as an ISP file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ALPdaemon · clocalwindows

https://www.exploit-db.com/exploits/14780

View Code ZIP pw:eip

References (2)

[Exploit] http://www.exploit-db.com/exploits/14780

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6743

Scores

EPSS 0.0730

EPSS Percentile 91.7%

Details

Status published

Products (1)

microsoft/windows_xp

Published Aug 27, 2010

Tracked Since Feb 18, 2026