Microsoft Windows Backup Manager Insecure Library Loading (MS11-001; CVE-2010-3145)

The Windows Backup Manager sdclt.exe allows users to restore a computer's system files to an earlier point in time. A remote attacker could convince a user to open a legitimate Windows Backup Catalog file .wbcat that is located in the same network directory as a specially crafted DLL file. Then,...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Movie Maker WMM 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker MSWMM file, aka "Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST...

CVE-2010-3965

The CVE-2010-3965 issue is an Insecure Library Loading (untrusted search path) vulnerability in Windows Media Encoder 9. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 Gold/SP2. The root cause is that Windows Media Encoder loa...

CVE-2010-3967

CVE-2010-3967 describes an Untrusted Search Path/Insecure Library Loading vulnerability in Microsoft Windows Movie Maker 2.6. A Trojan DLL placed in the current working directory (e.g., a directory containing an MSWMM file) can be loaded by WMM, allowing local users to gain privileges. The issue ...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)

The remote Windows host contains a version of the Internet Connection Signup Wizard that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user on the affected system into opening a specially crafted .ins or .isp file located in the same network...

Adobe Photoshop CS5 < 12.0.2 (APSB10-30)

The installed version of Adobe Photoshop is older than 12.0.2, and hence affected by the following issues : - Insecure library loading, which could result in arbitrary code execution. CVE-2010-3127 - Multiple unspecified vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if...

Microsoft Windows Media Encoder Insecure Library Loading (MS10-094; CVE-2010-3965)

Microsoft Windows Media Encoder is a production tool for converting both live and prerecorded audio and video to Windows Media Format. A remote code execution vulnerability has been reported in the way that Microsoft Office handles the loading of DLL files. The vulnerability is caused when the...

AOL Instant Messenger Insecure Library Loading Vulnerability

A vulnerability has been discovered in AOL Instant Messenger, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. Libraries list called is as follows: • dwmapi.dll This can be exploit...

Native Instruments Kontakt 4 Player 4.1.3 Insecure Library Loading

/ Native Instruments Kontakt 4 Player v4.1.3 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 4.1.3.4125 Standalone Summary: KONTAKT 4 PLAYER is the free sample player based on award-winning KONTAKT...

Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability

Summary GUITAR RIG 4 PLAYER is the free, modular and expandable effects processor from Native Instruments, combining creative effects routing possibilities with ease-of-use and pristine sound quality. The included FACTORY SELECTION library provides one stunning Amp emulation with Matched Cabinet,...

Native Instruments Reaktor 5 Player v5.5.1 Insecure Library Loading Vulnerability

Summary REAKTOR 5 PLAYER is your free entry point to the award-winning and avant-garde audio world of REAKTOR 5 - the super-powerful modular sound studio that made Native Instruments famous. Description Reaktor 5 Player suffers from a DLL hijacking vulnerability, which could be exploited by remot...

Native Instruments Reaktor 5 Player 5.5.1 Insecure Library Loading

/ Native Instruments Reaktor 5 Player v5.5.1 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 5.5.1 R10584 or 5.5.1.10584 Standalone Summary: REAKTOR 5 PLAYER is your free entry point to the award-winning...

Native Instruments Service Center 2.2.5 Insecure Library Loading Vulnerability

Summary The NI Service Center is a service used for Product Activation. Description The Service Center suffers from a DLL hijacking vulnerability, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused due to the application insecurely loading certain...

Native Instruments Service Center 2.2.5 Insecure Library Loading

/ Native Instruments Service Center 2.2.5 Insecure Library Loading Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 2.2.5 R596 Summary: The NI Service Center is a service used for Product Activation. Desc: The Service Center suffe...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142...

Nevercenter Silo 2.1.1 DLL Hijacking

/ Nevercenter Silo 2.1.1 Insecure Library Loading Vulnerability Vendor: Nevercenter Ltd. Co. Product web page: http://www.nevercenter.com Affected version: 2.1.1 Summary: Silo 2 is a focused 3D modeling application with the ability to effortlessly switch between organically sculpting high-polygon...