287 matches found
CVE-2019-7364
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user...
CVE-2019-7362
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution...
Remote code execution
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user...
Remote code execution
DLL preloading vulnerability in Autodesk Design Review versions 2011, 2012, 2013, and 2018. An attacker may trick a user into opening a malicious DWF file that may leverage a DLL preloading vulnerability, which may result in code execution...
CVE-2019-7364
CVE-2019-7364 describes a DLL preloading vulnerability in Autodesk products (2017–2020 Autodesk Advanced Steel, Civil 3D, AutoCAD and related tools; plus AutoCAD P&ID 2017). The issue allows an attacker to cause code execution by persuading a user to open a malicious DWG file that leverages the D...
CVE-2019-7364
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user...
CVE-2019-7362
Autodesk Design Review (Windows) is affected by a DLL preloading vulnerability (CVE-2019-7362) in ADR versions 2011, 2012, 2013, and 2018. The issue allows code execution if a user opens a malicious DWF file, due to how a DLL is loaded. Root cause: DLL preloading. Exploitation details, affected b...
Cisco Jabber for Windows DLL Preloading Vulnerability (cisco-sa-20190703-jabber-dll)
According to its self-reported version, Cisco Jabber for Windows is affected by a vulnerability in the loading mechanism of specific dynamic link libraries due to insufficient validation of the resources loaded by the application at run time. An authenticated, local attacker can exploit this to...
CVE-2019-1855
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
Input validation
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
CVE-2019-1855 Cisco Jabber for Windows DLL Preloading Vulnerability
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
CVE-2019-1855
Cisco Jabber for Windows DLL Preloading Vulnerability (CVE-2019-1855) affects Jabber for Windows where insufficient validation of loaded resources allows a local, authenticated attacker to preload a malicious DLL and achieve arbitrary code execution when Jabber launches. Exploitation requires cra...
CVE-2019-1855 Cisco Jabber for Windows DLL Preloading Vulnerability
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
Cisco Jabber for Windows DLL Preloading Vulnerability
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
KLA12055 ACE vulnerability in Cisco Jabber
A loading mechanism vulnerability was found in Cisco Jabber. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories Cisco Jabber for Windows DLL Preloading Vulnerability Related products Cisco-Jabber CVE list CVE-2019-1855 high Solution Update to the latest...
CVE-2019-5676
NVIDIA Windows GPU Display driver software for Windows all versions contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, leading to escalation of privileges through code...
Design/Logic Flaw
NVIDIA Windows GPU Display driver software for Windows all versions contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, leading to escalation of privileges through code...
CVE-2019-5676
NVIDIA Windows GPU Display driver software for Windows all versions contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, leading to escalation of privileges through code...
CVE-2019-5676
NVIDIA Windows GPU Display driver software for Windows all versions contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature also known as a binary planting or DLL preloading attack, leading to escalation of privileges through code...
Nvidia Warns Windows Gamers on GPU Driver Flaws
Graphics chipmaker Nvidia has issued three patches for high-severity vulnerabilities in its GPU display driver, which could lead to information disclosure, escalation of privileges and denial of service DoS in impacted Windows gaming devices. Nvidia’s graphics driver for Windows is used in device...