{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-31T00:00:00", "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc"}, {"tags": ["x_refsource_MISC"], "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163"}, {"name": "20100831 Tortoise SVN DLL Hijacking Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/513442/100/0/threaded"}, {"name": "20100901 Tortoise SVN DLL Hijacking Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/513463/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3199", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc", "refsource": "MISC", "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc"}, {"name": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163", "refsource": "MISC", "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163"}, {"name": "20100831 Tortoise SVN DLL Hijacking Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/513442/100/0/threaded"}, {"name": "20100901 Tortoise SVN DLL Hijacking Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/513463/100/0/threaded"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3199", "datePublished": "2010-09-10T19:00:00", "dateReserved": "2010-08-31T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*", "matchCriteriaId": "BD2FCFB8-3E8A-4EE5-AC30-433E2B70D4FD", "versionEndIncluding": "1.6.10", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "69635DDE-3456-4DD5-BE25-446616DE8484", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA03DE6C-5866-4917-AF11-62F40F965D36", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.3:*:*:*:*:*:*:*", "matchCriteriaId": "25A7FD43-2E26-466D-B36D-C7624246DEB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC67FEFA-FAC8-4124-B798-616BA57043F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.5:*:*:*:*:*:*:*", "matchCriteriaId": "30768C46-4499-4B57-8DA8-31A27B653080", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4C75C84-05C5-4BAC-98B8-5F2214133AA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.6:*:*:*:*:*:*:*", "matchCriteriaId": "42D96050-5FEC-4D86-B745-52D4FB2B2FA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "1F392926-BA33-4059-B4F1-F769610CC690", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "A3A448AD-A509-4823-8A29-B241D223DD41", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "72BD586F-65DA-4C19-86CC-B501E2E5C7D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "D83AAFC6-0057-4819-9369-D29445008EE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "F45F59F0-39A7-48ED-8AEE-468CBADAA86D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "46A99DB3-B02D-4CC4-BAA9-1D21A8F8B800", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "B014F3FE-1F15-454C-B67C-AD07CF373BAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "287CD53E-CB7C-408A-9C0F-FF1767F92562", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "C418FF1E-F3A2-4106-9BA1-AA1B7057F9CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.12:*:*:*:*:*:*:*", "matchCriteriaId": "B7CCE078-5F56-49AB-AA86-61E9B3EF6CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF377BE5-EFC2-40F5-9F80-2E9B1B44F33D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.14:*:*:*:*:*:*:*", "matchCriteriaId": "BA3D5ACA-72BD-45D5-B83B-5039053A21B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.15:*:*:*:*:*:*:*", "matchCriteriaId": "110AAA66-8A57-4E71-9E5F-C7E4E7CBEE37", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "EC605D05-E822-4183-844E-B68C51488D30", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED464340-B89B-44CA-9662-AC3F10646683", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.16:*:*:*:*:*:*:*", "matchCriteriaId": "CD9C2369-44F7-4261-BDA0-D90575C3A038", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.17:*:*:*:*:*:*:*", "matchCriteriaId": "A652EB0B-7734-4D86-B0FB-F5511BF2C980", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.18:*:*:*:*:*:*:*", "matchCriteriaId": "57C6BC0D-AD7C-47CB-A8AC-12BD915D1309", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.19:*:*:*:*:*:*:*", "matchCriteriaId": "D4DB290F-0988-4E0D-9711-E782E26DCA22", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.20:*:*:*:*:*:*:*", "matchCriteriaId": "6DC22FAE-B464-4B69-8E39-C516BDD468D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.20.1:*:*:*:*:*:*:*", "matchCriteriaId": "229859B3-354C-436C-BD23-2BC06E039E41", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.20.2:*:*:*:*:*:*:*", "matchCriteriaId": "7324480C-219A-439F-BEDC-1BEB1CD83F2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.21:*:*:*:*:*:*:*", "matchCriteriaId": "139E614E-16BE-41C9-9EB4-2550E13EC0ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.22:*:*:*:*:*:*:*", "matchCriteriaId": "95AAC20E-744D-4B37-96A6-E43E46136F90", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.23:*:*:*:*:*:*:*", "matchCriteriaId": "134B3CBC-B293-4257-93BB-49698158D144", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.24:*:*:*:*:*:*:*", "matchCriteriaId": "C761FC81-6CEB-4B9D-BC5B-103D312A5A86", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.25:*:*:*:*:*:*:*", "matchCriteriaId": "A2A3BE54-FD93-4DAF-96E3-B655957F1C28", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:0.26:*:*:*:*:*:*:*", "matchCriteriaId": "15395B2B-5F74-4A60-A32C-6D0554749C82", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "173FF5BE-3265-47E6-818A-A8F74C6E58D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E51BDC2E-028A-4DA2-ABF2-F556234CCD50", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "87CC7415-C392-42C9-8A0F-DEDE34CD7B3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "1AC224E5-CD65-404D-A064-1E415B837DC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "FADC775A-7401-454F-9AA7-DB8C397BB82D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "B7C3C166-3523-4850-B517-EA07DC39BC83", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D608ECAA-FFCD-448D-9A95-20D0A8EE7009", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "7D00C7AC-2AA5-4EA2-B95B-0086813C4820", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "068681A2-EBCF-45AA-824B-04C9DBA7B444", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "65861A52-6D51-4DB3-9235-5B3690192D84", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "6E30FB65-45DC-4019-B1B9-3B8427B5555D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "D10FB8A4-7FE8-4820-9844-48E028BF4704", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C14AD483-2520-4818-8F8D-48C62DBC5573", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "552A0106-289D-45FF-8241-DE4A8DC29B57", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D95650D-A78B-4B21-B419-B2677491972F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "A1AC8B47-ABBA-49A5-B145-C8535418CF09", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "2752F108-8B3A-4207-8DA0-72E0AEEA2788", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "C0C5541E-CD87-4861-B80E-8A05996F6754", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "B092FAEF-4994-4A2B-B2A9-07ED94A8CA63", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7C898005-FEFB-4A4A-B0BE-6E536E83B943", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E2B5784-5245-40B5-A3DA-46ADF41A0B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D5D5CB3B-6287-4A63-BE96-1CC72CEF76A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "7833B6DB-A016-4649-98B0-AB957E1E8030", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "D740DBBE-EFDC-4582-8E19-E7769DE2FEF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "EC7745CA-1A5E-468B-BDBD-978AEC6097D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "536F5529-1704-4201-AD7D-B8CF5250B911", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "B319ED3E-BCA3-4FD0-86AE-9515B7B75024", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "25E43D6D-A0B0-433C-8C0E-113446930F33", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "7F14ED42-2960-4777-9B90-C0EE47FAA728", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8B2D63DF-FD5B-4263-9647-3A4DFC64B7D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "CB75992B-8D9B-4492-A647-E2D42A2EC030", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "522B6EA0-5CFC-4ECD-94CF-7BF7712F2EF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "68BBDA83-9181-4E18-B4CB-39B3AD755957", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "14A936B6-1B4B-493E-BB53-0DA4E46E5EF8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "282EBC98-7577-4F5E-8928-8E71C59E039B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "CACA67D4-A404-40DC-8748-B2128AFFFA6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "1DB1D669-45C8-461B-A123-75650BBECD12", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "0D1A2A35-E89E-4EFD-85FD-E1383948B33E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "741376DE-896D-42F3-B896-79236BE0916F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "DF3BEA2D-B7F1-4A0E-BCBB-DE59EAD24CCB", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "C75B0E98-7A14-4852-9CC8-809E8F95445E", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "11E31D0B-83A7-4C38-927B-9AC9AC1B20D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "87950014-0B66-426B-9467-D8B1BCDB1B54", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:alpha1:*:*:*:*:*:*", "matchCriteriaId": "E1E68345-D94F-4202-AC98-9D16C8714440", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "25C908C0-822F-4C2E-86AC-555EE76789E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "BEC5C91B-B2D3-4A4C-B4EB-48C279DE7DF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "EA53988F-46D4-4B80-B0B3-F8DFE09B317D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "3243642C-D9D5-48B0-92D6-75B7EDC42716", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "40E8C652-4041-457D-861F-F34DE9623136", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "22560DEC-77BD-43BE-A6FC-20D56006B691", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "E2672968-80C7-4CAB-BFC4-A23817288787", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "32C77288-8B1C-4234-85FB-981E87BF5B49", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "4CEFE993-68DD-424B-B1C9-7CF50660324D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "51ABD2A3-42E9-4D25-9A7D-43A0FC3EC4AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "B8373E24-3966-4351-B9A9-D55D7D8D1AF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "D421BD2C-C5BA-46B8-98DE-85BCD388F8A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "25B3881B-9C61-49EA-ABBD-6467F26EBA8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "4AF354A0-19EC-404D-B0FA-1728947966D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AD4EBBF-DC5A-41F4-BEBF-62687CADE12B", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F70DE9F3-C118-4390-AEEF-3209B86C9DE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "BEED7ED6-1B3F-40F3-8233-1467800072B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "3F0B4890-D142-492E-B80E-D8D7F9B0339D", "vulnerable": true}, {"criteria": "cpe:2.3:a:tigris:tortoisesvn:1.6.6:*:*:*:*:*:*:*", "matchCriteriaId": "CCA62F2E-C83D-4ECC-8684-E5FFDE81A4BB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default."}, {"lang": "es", "value": "Vulnerabilidad ruta de b\u00fasqueda no confiable en TortoiseSVN v1.6.10, Build 19898 y anteriores, permite ejecutar codigo de sue eleccion a usuarios locales, y posiblemente a atacantes remotos tambi\u00e9n llevar a cabo ataques a trav\u00e9s de secuestro de archivo DLL a trav\u00e9s del caballo de troya dwmapi.dll que se encuentra en la misma carpeta que el archivo que est\u00e1 tratando de procesar Tortoise. NOTE: Esta vulnerabilidad se produce cuando una extensi\u00f3n de fichero est\u00e1 asociada con TortoiseProc o TortoiseMerge, lo que no est\u00e1 configurado por defecto."}], "id": "CVE-2010-3199", "lastModified": "2018-10-10T20:01:25.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-09-10T20:00:01.207", "references": [{"source": "cve@mitre.org", "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653163"}, {"source": "cve@mitre.org", "url": "http://tortoisesvn.tigris.org/ds/viewMessage.do?dsForumId=4061&dsMessageId=2653202&orderBy=createDate&orderType=desc"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/513442/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/513463/100/0/threaded"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}