Lucene search
HistoryOct 23, 2014 - 2:55 p.m.
CVE-2014-0619
cve-2014-0619
untrusted search path
hamster free zip archiver
arbitrary code execution
dll hijacking
nvd
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.
Affected configurations
Node
hamstersofthamster_free_zip_archiverMatch2.0.1.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| hamstersoft:hamster_free_zip_archiver | hamstersoft hamster free zip archiver | eq | 2.0.1.7 |
Related
packetstorm
packetstorm
Hamster Free ZIP Archiver 2.0.1.7 DLL Hijacking
2014-10-16 00:00:00
nvd
nvd
CVE-2014-0619
2014-10-23 14:55:01
prion
prion
Design/Logic Flaw
2014-10-23 14:55:00
cvelist
cvelist
CVE-2014-0619
2014-10-23 14:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2014-0619