Skype for Windows Untrustworthy Search Path Vulnerability

Microsoft Skype is a suite of instant messaging software from the American company Microsoft. An untrusted search path vulnerability exists in Microsoft Skype. A local attacker can exploit this vulnerability by executing arbitrary code with the help of the msi.dll, dpapi.dll, or cryptui.dll files...

About the security content of iCloud for Windows 6.0.1 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Nidesoft MP3 Converter DLL Hijacking Vulnerability

Nidesoft MP3 Converter is a professional tool for MP3 conversion, which can convert video files, MP3 music and many other audio formats. A DLL hijacking vulnerability exists in the quserex.dll file in Nidesoft MP3 Converter version 2.6.18, which can be exploited by local attackers to inject code ...

CodeBlocks DLL Hijacking Vulnerability

CodeBlocks is an open source full-featured cross-platform C/C++ IDE. A DLL hijacking vulnerability exists in CodeBlocks version 12.11, which can be exploited by a local attacker to inject code or gain advanced access...

CVE-2016-7275

Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."...

Once due to bug fixes to trigger the vulnerability—CVE-2016-6309 vulnerability detailed analysis-vulnerability warning-the black bar safety net

openssl released a security level for”serious”UAF vulnerability, the exploit is simple, only need to send a tcp packet will trigger the vulnerability, but the consequences are serious, may result in TLS-related applications denial of service or even arbitrary code execution and other consequences...

The installers of multiple Japan Pension Service software may insecurely load Dynamic Link Libraries

Overview The installers of multiple Japan Pension Service software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer und...

DLL Hijacking Vulnerability in Kingsoft PPT Beautifier Software

Kingsoft PPT Beautifier is a PPT beautification and creation aid. Kingsoft PPT Beautifier has a DLL hijacking vulnerability, allowing attackers to exploit the vulnerability in the windows2003\windows7 environment, variable relative OFFICE software infection, even if the malicious DLL deleted from...

About the security content of iCloud for Windows 6.0.1

About the security content of iCloud for Windows 6.0.1 This document describes the security content of iCloud for Windows 6.0.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

HMI/SCADA software webaccess 7.2/8.0/8.1 has 4 dll hijack vulnerabilities

WebAccess can build an information management platform for users and synchronize the efficiency of vertical market management development. There are 4 dll hijack vulnerabilities in the HMI/SCADA software webaccess, when bwopctool.dll, bwabout.dll, BwPAlarm.dll, and Webvsid.dll are loaded...

[SECURITY] Fedora 23 Update: kf5-kinit-5.24.0-1.fc23

kdeinit is a process launcher somewhat similar to the famous init used for booting UNIX. It launches processes by forking and then loading a dynamic library which s hould contain a 'kdemain...' function...

[SECURITY] Fedora 24 Update: kf5-kinit-5.24.0-1.fc24

kdeinit is a process launcher somewhat similar to the famous init used for booting UNIX. It launches processes by forking and then loading a dynamic library which s hould contain a 'kdemain...' function...

CVE-2016-4831

Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory...

[SECURITY] Fedora 23 Update: kf5-kinit-5.22.0-3.fc23

kdeinit is a process launcher somewhat similar to the famous init used for booting UNIX. It launches processes by forking and then loading a dynamic library which s hould contain a 'kdemain...' function...

[SECURITY] Fedora 24 Update: kf5-kinit-5.22.0-3.fc24

kdeinit is a process launcher somewhat similar to the famous init used for booting UNIX. It launches processes by forking and then loading a dynamic library which s hould contain a 'kdemain...' function...

About the security content of iTunes 12.4 - Apple Support

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...

About the security content of iTunes 12.4

About the security content of iTunes 12.4 This document describes the security content of iTunes 12.4. For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To...

Flexera InstallShield Untrusted Search Path Vulnerability

Flexera InstallShield is a Windows installation development solution. An untrusted search path vulnerability in Flexera InstallShield 2015 SP1 and prior versions allows local users to gain privileges via a Trojan horse DLL in the current working directory of the launcher executable...

PT-2016-3439

Name of the Vulnerable Software and Affected Versions Flexera InstallShield through 2015 SP1 AVEVA Edge InstallShield affected versions not specified Description The issue is related to an untrusted search path vulnerability that allows local users to gain privileges via a Trojan horse DLL in the...

CVE-2016-0016

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL...