CVE-2010-3151

Adobe On Location CS4 Build 315 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3151. PoCs published by Glafkos Charalambous.

AI-analyzed exploit summary This exploit demonstrates DLL hijacking in Adobe On Location CS4 by replacing ibfs32.dll with a malicious DLL. The PoC displays a message box upon execution, confirming the vulnerability.

Description

Untrusted search path vulnerability in Adobe On Location CS4 Build 315 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an OLPROJ file.

Exploits (1)

exploitdb WORKING POC

by Glafkos Charalambous · clocalwindows

https://www.exploit-db.com/exploits/14772

View Code ZIP pw:eip

This exploit demonstrates DLL hijacking in Adobe On Location CS4 by replacing ibfs32.dll with a malicious DLL. The PoC displays a message box upon execution, confirming the vulnerability.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Adobe On Location CS4 Build 315

No auth needed

Prerequisites: Victim must open a .olproj file in a directory where the malicious ibfs32.dll is placed

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/64445

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14772/

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/513332/100/0/threaded

Scores

EPSS 0.1536

EPSS Percentile 96.4%

Details

Status published

Products (3)

adobe/onlocation_cs4 4.0.1

adobe/onlocation_cs4 4.0.2

adobe/onlocation_cs4 4.0.3

Published Aug 27, 2010

Tracked Since Feb 18, 2026