3 matches found
CVE-2018-20211
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws3232.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 9.x was released starti...
CVE-2018-20211
CVE-2018-20211 affects ExifTool v8.32. Local privilege escalation via DLL hijacking: an attacker creates a TEMP\par-%username%\cache-exiftool-8.32 folder and places a malicious ws32_32.dll there, allowing privilege gain when a victim runs the tool. Root cause is loading a DLL from a user-writable...
Exiftool 8.3.2.0 DLL Hijacking
...