CVE-2011-3396 - Vulnerability Details - OpenCVE

Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Powerpoint

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:powerpoint:2007:sp2::::::
	cpe:2.3:a:microsoft:powerpoint:2010::x32:::::
	cpe:2.3:a:microsoft:powerpoint:2010::x64:::::

No data.

References

Link	Providers
http://www.us-cert.gov/cas/techalerts/TA11-347A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665

History

No history.

MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2011-12-14T00:00:00

Updated: 2024-08-06T23:29:56.894Z

Reserved: 2011-09-09T00:00:00

Link: CVE-2011-3396

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-12-14T00:55:01.370

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-3396

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-12-13T00:00:00", "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"PowerPoint Insecure Library Loading Vulnerability.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-12T19:57:01", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"name": "TA11-347A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"}, {"name": "MS11-094", "tags": ["vendor-advisory", "x_refsource_MS"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"}, {"name": "oval:org.mitre.oval:def:14665", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2011-3396", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"PowerPoint Insecure Library Loading Vulnerability.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA11-347A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"}, {"name": "MS11-094", "refsource": "MS", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"}, {"name": "oval:org.mitre.oval:def:14665", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T23:29:56.894Z"}, "title": "CVE Program Container", "references": [{"name": "TA11-347A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"}, {"name": "MS11-094", "tags": ["vendor-advisory", "x_refsource_MS", "x_transferred"], "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"}, {"name": "oval:org.mitre.oval:def:14665", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2011-3396", "datePublished": "2011-12-14T00:00:00", "dateReserved": "2011-09-09T00:00:00", "dateUpdated": "2024-08-06T23:29:56.894Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:powerpoint:2007:sp2:*:*:*:*:*:*", "matchCriteriaId": "B9B8A17F-9A70-43A1-95E8-6554F73B9AEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:powerpoint:2010:*:x32:*:*:*:*:*", "matchCriteriaId": "D538369B-469B-4D57-908F-330A1DDC9045", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:powerpoint:2010:*:x64:*:*:*:*:*", "matchCriteriaId": "23D7A3B7-F86D-4C59-9BF5-D359361BAA93", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"PowerPoint Insecure Library Loading Vulnerability.\""}, {"lang": "es", "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en Microsoft PowerPoint 2007 SP2 y 2010 permite a usuarios locales escalar privilegios a trav\u00e9s de una DLL troyanizada en el directorio de trabajo actual. Tambi\u00e9n conocida como \"Vulnerabilidad de carga de librer\u00eda insegura PowerPoint\"."}], "evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'", "evaluatorImpact": "Per: http://technet.microsoft.com/en-us/security/bulletin/ms11-094\r\n\r\n'PowerPoint Insecure Library Loading Vulnerability - CVE-2011-3396\r\n\r\nA remote code execution vulnerability exists in the way that Microsoft PowerPoint handles the loading of DLL files.'", "id": "CVE-2011-3396", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-12-14T00:55:01.370", "references": [{"source": "secure@microsoft.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"}, {"source": "secure@microsoft.com", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"}, {"source": "secure@microsoft.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-347A.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14665"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}