34 matches found
Installer of Overwolf may insecurely load Dynamic Link Libraries
Overview Overwolf is a software framework for creating applications for games. The Overwolf Installer contains an issue with the DLL search path CWE-427, which may lead to insecurely loading Dynamic Link Libraries stored in the same directory where the installer resides. Shogo kumamaru of LAC Co....
UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL may insecurely load Dynamic Link Libraries
Overview UNLHA32.DLL, UNARJ32.DLL, LHMelting and LMLzh32.DLL provided by Micco contain vulnerabilities listed below. Self-Extracting Archives created by UNLHA32.DLL may insecurely load Dynamic Link Libraries CWE-427 - CVE-2018-16189 Insecurely load specific DLL file in the same directory CWE-427 ...
Adobe TCS Privilege Escalation Vulnerability (APSB18-38) - Windows
Adobe TCS is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:tcs";...
JVN#94056834: Installer of HIBUN Confidential File Viewer may insecurely load Dynamic Link Libraries and invoke executable files
Installer of HIBUN Confidential File Viewer provided by Hitachi Solutions, Ltd. contains an issue with the search path for DLL/executable files, which may lead to insecurely loading Dynamic Link Libraries and invoking executable files CWE-427. Impact Arbitrary code may be executed with the...
JVN#67305782: Installer of CASL II simulator(self-extract format) may insecurely load Dynamic Link Libraries
Installer of CASL II simulatorself-extract format provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privilege of the user invoking t...
The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries
Overview The electronic authentication system based on the commercial registration system "The CRCA user's Software" provided by the Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported...
Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries
Overview PhishWall Client Internet Explorer Version, provided by SecureBrain Corporation, is an anti-phishing and anti-MITB software. The installer of PhishWall Client Internet Explorer Version contains an issue with the DLL search path, which may lead to insecurely loading dynamic linking...
JVN#49503705: Python for Windows may insecurely load dynamic libraries
Python for Windows contains an issue with the DLL search path, which may lead to insecurely loading a DLL called readline.pyd. Impact Arbitray code may be executed with the privileges of python.exe. Solution Apply a workaround Applying the following workaround will mitigate the effects of this...
SAP GUI DLL Loading Arbitrary Code Execution (Note 1511179)
The remote host is running a version of SAP GUI that reportedly insecurely looks in its current working directory when resolving DLLs such as 'MFC80LOC.DLL' and 'MFC80RUS.DLL'. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72211; scriptversion"1.4";...
WellinTech KingView 6.53 < 2012-03-22 Multiple Vulnerabilities
Binary data scadakingview6532012-03-22.nbin...
Scientific Toolworks Understand 'wintab32.dll' DLL Loading Arbitrary Code Execution
The version of Scientific Toolworks Understand installed on the remote Windows host is earlier than 2.6 Build 600. As such, it insecurely looks in its current working directory when resolving DLL dependencies, such as for 'wintab32.dll'. Attackers may exploit this issue by placing a specially...
Microsoft Office multiple security vulnerabilities
Privilege escalation, use-after-free, insecure DLL loading, memory corruption...
PT-2011-3531 · Microsoft · Display Panning Cpl Extension +11
Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2 through R2 SP1 Microsoft Windows 7 versions Gold through SP1 Description: T...
Microsoft Windows backup manager insecure DLL loading
insecure DLL loading on .wbcat file opening...