CVE-2010-3148

Microsoft Visio 2003 SP3 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3148. PoCs published by Beenu Arora.

AI-analyzed exploit summary: This exploit leverages DLL hijacking in Microsoft Visio 2003 by renaming a malicious DLL to 'mfc71enu.dll' and placing it in the same directory as a .vtx file. When Visio loads the file, it executes the malicious DLL, resulting in arbitrary code execution (calc.exe in this PoC).

Description

Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability."

Exploits (1)

exploitdb WORKING POC
by Beenu Arora · c · local · windows
https://www.exploit-db.com/exploits/14744

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Microsoft Visio 2003
No auth needed
Prerequisites: Victim must open a .vtx file in a directory containing the malicious DLL · Malicious DLL must be named 'mfc71enu.dll'
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026

References (5)

Core References
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2192
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA11-193A.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7122
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14744/

Scores

EPSS 0.1389
EPSS Percentile 96.0%

Details

Status published
Products (1)
microsoft/visio 2003
Published Aug 27, 2010
Tracked Since Feb 18, 2026