CVE-2010-3152

Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier - Untrusted Search Path and DLL Hijacking via Trojan Horse DLL

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3152. PoCs published by Glafkos Charalambous.

AI-analyzed exploit summary This exploit demonstrates DLL hijacking in Adobe Illustrator CS4 by placing a malicious 'aires.dll' in a specific directory. The DLL executes arbitrary code (a MessageBox) when the vulnerable application loads it.

Description

Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or aires.dll that is located in the same folder as an .ait or .eps file.

Exploits (1)

exploitdb WORKING POC

by Glafkos Charalambous · clocalwindows

https://www.exploit-db.com/exploits/14773

View Code ZIP pw:eip

This exploit demonstrates DLL hijacking in Adobe Illustrator CS4 by placing a malicious 'aires.dll' in a specific directory. The DLL executes arbitrary code (a MessageBox) when the vulnerable application loads it.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Adobe Illustrator CS4 v14.0.0

No auth needed

Prerequisites: Vulnerable Adobe Illustrator CS4 installation · Ability to place malicious DLL in 'system\enu_us' directory · User interaction to open a .ait or .eps file

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →