Unrated severityNVD Advisory· Published Sep 15, 2010· Updated Jun 16, 2026
CVE-2010-3397
CVE-2010-3397
Description
Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse tsp.dll or tvttsp.dll that is located in the same folder as a .p12, .pem, .pgp, .prk, .prvkr, .pubkr, .rnd, or .skr file.
Affected products
4cpe:2.3:a:pgp:desktop:10.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:pgp:desktop:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:pgp:desktop:9.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:pgp:desktop:9.9.0:*:*:*:*:*:*:*
- Range: 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.