Design/Logic Flaw

2012-07-0322:55:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.8%

JSON

Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.

CPENameOperatorVersion
kmplayereq3.2.0.19

CPE	Name	Operator	Version
	kmplayer	eq	3.2.0.19

References

osvdb.org/81558

packetstormsecurity.org/files/112218/KMPlayer-3.2.0.19-DLL-Hijack.html

exchange.xforce.ibmcloud.com/vulnerabilities/75193