CVE-2011-0029

HIGH

Description

Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."

References

http://osvdb.org/71014

http://secunia.com/advisories/43628

http://www.securitytracker.com/id?1025172

http://www.us-cert.gov/cas/techalerts/TA11-067A.html

http://www.vupen.com/english/advisories/2011/0616

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-017

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12480

Details

Source: MITRE

Published: 2011-03-09

Updated: 2019-02-26

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

AND

OR

cpe:2.3:a:microsoft:remote_desktop_connection_client:5.2:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Configuration 2

AND

OR

cpe:2.3:a:microsoft:remote_desktop_connection_client:6.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:*

Configuration 3

AND

OR

cpe:2.3:a:microsoft:remote_desktop_connection_client:7.0:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:a:microsoft:remote_desktop_connection_client:6.1:*:*:*:*:*:*:*

OR

cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows_vista:*:sp2:x64:*:*:*:*:*

cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*

Tenable Plugins

View all (1 total)

IDNameProductFamilySeverity
52585MS11-017: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (2508062)NessusWindows : Microsoft Bulletins
high