CVE-2017-2288
CVE-2017-2288 refers to an untrusted DLL search path in LhaForge versions up to 1.6.5, caused by insecure DLL loading during installer execution. The underlying issue (CWE-427) allows arbitrary code execution with the invoking user’s privileges when the installer runs. Affected product: LhaForge ...