Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-5241 — Autocad vulnerability

4 documents4 sources
Severity
6.9MEDIUMNVD
EPSS
0.3%
top 43.91%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Autodesk Autocad
Timeline
PublishedSep 7
Latest updateMay 17

Description

Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS vector

AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0

Affected Packages1 packages

â–¶NVDautodesk/autocad2010

🔴Vulnerability Details

2
GHSA
GHSA-rc67-8m73-xwp7: Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi↗2022-05-17
â–¶
CVEList
CVE-2010-5241: Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi↗2012-09-07
â–¶

💥Exploits & PoCs

1
Exploit-DB
Autodesk AutoCAD 2007 - 'color.dll' DLL Hijacking↗2010-08-25
â–¶
CVE-2010-5241 — Autodesk Autocad vulnerability | cvebase