VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 26, 2010· Updated Apr 29, 2026

CVE-2010-3129

CVE-2010-3129

Description

Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwmapi.dll, iphlpapi.dll, dhcpcsvc.dll, dhcpcsvc6.dll, or rpcrtremote.dll that is located in the same folder as a .torrent or .btsearch file.

Affected products

26
  • Utorrent/Utorrent26 versions
    cpe:2.3:a:utorrent:utorrent:1.1.1:*:*:*:*:*:*:*+ 25 more
    • cpe:2.3:a:utorrent:utorrent:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.1:rc1:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:1.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:utorrent:utorrent:2.0.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.