CVE-2010-3154

Adobe Extension Manager CS5 5.0.298 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3154. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a DLL hijacking vulnerability in Adobe Extension Manager CS5 v5.0.298 by exploiting the loading of dwmapi.dll when processing .mxi or .mxp files. The PoC compiles a malicious DLL that displays a message box upon execution.

Description

Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .mxi or .mxp file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by LiquidWorm · clocalwindows

https://www.exploit-db.com/exploits/14784

View Code ZIP pw:eip

This exploit demonstrates a DLL hijacking vulnerability in Adobe Extension Manager CS5 v5.0.298 by exploiting the loading of dwmapi.dll when processing .mxi or .mxp files. The PoC compiles a malicious DLL that displays a message box upon execution.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Adobe Extension Manager CS5 v5.0.298

No auth needed

Prerequisites: Victim must execute a .mxi or .mxp file in a directory containing the malicious dwmapi.dll

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14784/

Scores

EPSS 0.1173

EPSS Percentile 95.5%

Details

Status published

Products (1)

adobe/extension_manager_cs5 5.0.298

Published Aug 27, 2010

Tracked Since Feb 18, 2026