cbcvebase.
CVE-2011-0107
published 2011-04-13

CVE-2011-0107: Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse…

PriorityP344critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
11.11%
95.4th percentile
Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Office Component Insecure Library Loading Vulnerability."

Affected

13 ranges
VendorProductVersion rangeFixed in
attachmatereflection_for_hp
attachmatereflection_for_hp
attachmatereflection_for_ibm
attachmatereflection_for_ibm
attachmatereflection_for_regis_graphics_server
attachmatereflection_for_regis_graphics_server
attachmatereflection_for_unix_and_openvms
attachmatereflection_for_unix_and_openvms
attachmatereflection_x
attachmatereflection_x
microsoftoffice
microsoftoffice
microsoftoffice

CVSS provenance

nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_redhat4.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.