Published on 27/08/10 - Updated on 19/09/17
Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32res.dll that is located in the same folder as a .contact, .group, .p7c, .vcf, or .wab file. NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3147.
There is insufficient information about the issue to classify it; details are unknown or unspecified.
|EDB-14733, EDB-14745, EDB-14778|