https://pwnwiki.com/index.php?action=history&feed=atom&title=CVE-2010-4804_MicroStation_7.1%E6%AC%8A%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E CVE-2010-4804 MicroStation 7.1權限提升漏洞 - Revision history 2026-04-17T03:06:14Z Revision history for this page on the wiki MediaWiki 1.35.1 https://pwnwiki.com/index.php?title=CVE-2010-4804_MicroStation_7.1%E6%AC%8A%E9%99%90%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E&diff=953&oldid=prev Pwnwiki: Created page with "==INFO== <pre> # CVE-2010-5230 Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via a Trojan horse (1) mptools.dll, (2)..." 2021-04-03T06:16:07Z <p>Created page with &quot;==INFO== &lt;pre&gt; # CVE-2010-5230 Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via a Trojan horse (1) mptools.dll, (2)...&quot;</p> <p><b>New page</b></p><div>==INFO==<br /> &lt;pre&gt;<br /> # CVE-2010-5230<br /> Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via a Trojan horse (1) mptools.dll, (2) baseman.dll, (3) wintab32.dll, or (4) wintab.dll file in the current working directory, as demonstrated by a directory that contains a .hln or .rdl file. NOTE: some of these details are obtained from third party information.<br /> <br /> Hi folks,<br /> <br /> After playing with windows DLL hijack toolkit,I got exploit POC for Pipe<br /> design software Bentaly Microstation 7.1,Nero 8.2.8.0,Quicktime pictureviwer<br /> 7.6.5<br /> <br /> Bentley Microstation 7.1:<br /> <br /> File :Ustation.exe File type:hln Hijack Dll:mptools.dll<br /> File :Ustation.exe File type:rdl Hijack<br /> Dll:baseman.dll,wintab32.dll,wintab.dll<br /> <br /> Nero 8.2.8.0<br /> <br /> File :nero.exe File type:nab Hijack Dll:bcgpoleacc.dll<br /> <br /> Quicktime pictureviwer 7.6.5<br /> <br /> File :pictureviewer.exe File type:mac,pct,pic,pict,pnt,pntg,qti,qtif<br /> Hijack Dll:cfnetwork.dll<br /> File :pictureviewer.exe File type:pct,pic,pict,pnt,pntg,qti,qtif<br /> Hijack Dll:corefoundation.dll<br /> <br /> Download Link Generated POC's<br /> <br /> https://paper.seebug.org/papers/old_sebug_paper/Exploits-Archives/2010-exploits/1008-exploits/Microstation_dllhijact_exploit.rar<br /> <br /> https://paper.seebug.org/papers/old_sebug_paper/Exploits-Archives/2010-exploits/1008-exploits/Nero_dllhijack_exploit.rar<br /> <br /> https://paper.seebug.org/papers/old_sebug_paper/Exploits-Archives/2010-exploits/1008-exploits/quicktime_pictureviwer_dllhijact_exploit.rar<br /> <br /> <br /> For test cases-<br /> http://reach2kalyan.blogspot.com/2010/08/playing-with-dll-hijack-bug.html<br /> <br /> <br /> Kalyan<br /> http://reach2kalyan.blogspot.com/<br /> <br /> &lt;/pre&gt;<br /> <br /> ==EXP==<br /> https://github.com/JustYoomoon/Exploit/blob/main/CVE-2010-5230.zip</div> Pwnwiki