CVE-2010-3402
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-3402
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
IDM Computer Solutions UltraEdit 'dwmapi.dll' DLL Loading任意代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
UltraEdit 是IDM Computer Solutions公司出品的理想的文本、HTML 和十六进制编辑器,也是高级 PHP、Perl、Java 和 JavaScript 程序编辑器。 IDM Computer Solutions UltraEdit 16.20.0.1009和16.10.0.1036版本以及其他版本中存在非信任搜索路径漏洞。本地用户也有可能是远程攻击者可以借助与bin,cpp,css,c,dat,hpp,html,h,ini,java,log,mak,php,prj,txt或xm
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-3402
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-3402
请登录查看更多情报信息。
- http://archives.neohapsis.com/archives/fulldisclosure/2010-09/0227.htmlmailing-listx_refsource_FULLDISC
- https://nvd.nist.gov/vuln/detail/CVE-2010-3402
Same Patch Batch · n/a · 2010-09-16 · 24 CVEs total
| CVE-2010-3417 | Google Chrome信息泄露漏洞 | |
| CVE-2010-3428 | Intermesh Group-Office 'modules/notes/json.php' SQL注入漏洞 | |
| CVE-2010-3427 | Open Classifieds多个跨站脚本攻击漏洞 | |
| CVE-2010-3426 | Joomla!本地文件包含漏洞 | |
| CVE-2010-3425 | Smartertools SmarterStats跨站脚本攻击漏洞 | |
| CVE-2010-3424 | Invision Power Board BBCode 'admin/sources/classes/bbcode/custom/defaults.php'跨站脚本攻击漏洞 | |
| CVE-2010-3423 | Drupal Yr Weatherdata模块SQL注入漏洞 | |
| CVE-2010-3422 | Solventus JGen组件'id'参数SQL注入漏洞 | |
| CVE-2010-3421 | ProductCart 'AffiliateLogin.asp'跨站脚本攻击漏洞 | |
| CVE-2010-3420 | Webassist PowerStore 'Products_Results.php'跨站脚本攻击漏洞 | |
| CVE-2010-3419 | Haudenschilt Family Connections CMS多个PHP远程文件包含漏洞 | |
| CVE-2010-3418 | NetArt Media Car Portal 'y'参数多个跨站脚本攻击漏洞 | |
| CVE-2010-3403 | Qualcomm eXtensible Diagnostic Monitor非信任搜索路径漏洞 | |
| CVE-2010-3415 | Google Chrome缓冲区错误漏洞 | |
| CVE-2010-3414 | Google Chrome 文件对话框拒绝服务漏洞 | |
| CVE-2010-3413 | Google Chrome未明漏洞 | |
| CVE-2010-3412 | Google Chrome控制台功能竞争条件漏洞 | |
| CVE-2010-3411 | Google Chrome输入验证错误漏洞 | |
| CVE-2010-3407 | IBM Lotus Domino iCalendar邮件地址解析栈溢出漏洞 | |
| CVE-2010-3406 | IBM AIX 'bos.esagent' sa_snap未明漏洞 |
Showing top 20 of 24 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2010-3402
No comments yet