Untrusted search path vulnerability in Microsoft Windows Contacts via a Trojan horse wab32res.dll
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users and possibly remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact .group .p7c .vcf or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
- Microsoft Windows Vista
- Microsoft Windows 7
- Microsoft Windows Server 2008
- Microsoft Windows Contacts