CVE-2010-5227

Opera <10.62 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-5227. PoCs published by Nicolas Krassas.

AI-analyzed exploit summary This exploit leverages DLL hijacking in Opera 10.61 by creating a malicious dwmapi.dll that executes arbitrary code (calc.exe) when loaded. It targets vulnerable file extensions like .htm, .mht, etc., on Windows XP SP3.

Description

Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Nicolas Krassas · clocalwindows
https://www.exploit-db.com/exploits/14732

This exploit leverages DLL hijacking in Opera 10.61 by creating a malicious dwmapi.dll that executes arbitrary code (calc.exe) when loaded. It targets vulnerable file extensions like .htm, .mht, etc., on Windows XP SP3.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Opera 10.61
No auth needed
Prerequisites: Victim must open a vulnerable file type in Opera 10.61 · Malicious dwmapi.dll must be placed in a directory with higher search priority than the legitimate DLL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41083
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1062/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/970/
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14732

Scores

EPSS 0.0098
EPSS Percentile 57.5%

Details

Status published
Products (1)
opera/opera < 10.61
Published Sep 07, 2012
Tracked Since Feb 18, 2026