Vulners
Lucene search
CVE-2021-22000
🗓️ 13 Jul 2021 18:01:34Reported by vmwareType 
cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 95 Views🌐 WEB
| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
 | The vulnerability of VMware ThinApp, a virtualization and portable application creation tool, lies in the insecure loading of DLL libraries, which allows attackers to escalate their privileges. | 2 Aug 202100:00 | – | bdu_fstec |
 | VMware Thinapp 代码问题漏洞 | 13 Jul 202100:00 | – | cnnvd |
 | CVE-2021-22000 | 13 Jul 202118:01 | – | cvelist |
 | EUVD-2021-9170 | 3 Oct 202520:07 | – | euvd |
 | CVE-2021-22000 | 13 Jul 202119:15 | – | nvd |
 | VMware ThinApp DLL Hijacking | 16 Jul 202100:00 | – | packetstorm |
 | Design/Logic Flaw | 13 Jul 202119:15 | – | prion |
 | CVE-2021-22000 | 9 Jan 202611:21 | – | redhatcve |
 | VMware ThinApp update addresses a DLL hijacking vulnerability (CVE-2021-22000) | 13 Jul 202100:00 | – | vmware |
[
{
"product": "Vmware Thinapp",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "VMware Thinapp 5.x prior to 5.2.10"
}
]
}
]| Source | Link |
|---|---|
| seclists | www.seclists.org/fulldisclosure/2021/Jul/35 |
| packetstormsecurity | www.packetstormsecurity.com/files/163521/VMware-ThinApp-DLL-Hijacking.html |
| vmware | www.vmware.com/security/advisories/VMSA-2021-0015.html |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| \\DummyTLS\\dummyTLS.dll | path | C:\Program Files (x86)\VMware\VMware ThinApp\Setup Capture.exe | DLL hijacking via loading a crafted DLL path (\DummyTLS\dummyTLS.dll) during setup/launch, enabling arbitrary DLL loading and potential privilege escalation. | CWE-427 |
| C:\\DummyTLS\\dummyTLS.dll | path | C:\Program Files (x86)\VMware\VMware ThinApp\Setup Capture.exe | DLL hijacking via loading a crafted DLL path (\DummyTLS\dummyTLS.dll) during setup/launch, enabling arbitrary DLL loading and potential privilege escalation. | CWE-427 |
| \\DummyTLS\\dummyTLS.dll | path | C:\DummyTLS\dummyTLS.dll | DLL that can be loaded by a vulnerable process due to relative/path handling in LoadLibraryExW leading to hijacking. | CWE-427 |
| C:\\DummyTLS\\dummyTLS.dll | path | C:\DummyTLS\dummyTLS.dll | DLL that can be loaded by a vulnerable process due to relative/path handling in LoadLibraryExW leading to hijacking. | CWE-427 |
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
17 Jun 2026 03:36Current
7.5High risk
Vulners AI Score7.5
CVSS 26.9
CVSS 3.17.8
EPSS0.00563