The installers of E START products may insecurely load Dynamic Link Libraries

Overview The installers of E START products by GMO INSIGHT Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the folder specified by the TEMP environment variable or where the installer resides CWE-427, CVE-2015-9267, and CVE-2015-9268...

JVN#68418039: The installers of E START products may insecurely load Dynamic Link Libraries

The installers of E START products by GMO INSIGHT Inc. contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries in the folder specified by the TEMP environment variable or where the installer resides CWE-427, CVE-2015-9267, and CVE-2015-9268. Impact...

JVN#69635538: The installer of SKYSEA Client View may insecurely load Dynamic Link Libraries

SKYSEA Client View provided by Sky Co., LTD. is an Enterprise IT Asset Management Tool. The installer of SKYSEA Client View contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of...

Self-Extracting files created by multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

Overview Self-Extracting files created by multiple SEIKO EPSON products contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. SEIKO EPSON CORPORATION reported this vulnerability to JPCERT/CC to notify users of its solution through JVN...

Epson Setupmanager Code Issue Vulnerability

Epson Setupmanager is a printer driver software from Epson Japan for Windows operating systems. A code issue vulnerability exists in the self-extracting file in version 2.2.1 of Epson Setupmanager, which could lead to unsafe loading of dynamic link libraries...

The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

Overview The installers of multiple products by SEIKO EPSON CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wi...

JVN#26835001: The installers of multiple SEIKO EPSON products may insecurely load Dynamic Link Libraries

The installers of multiple products by SEIKO EPSON CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...

Emotet Malware

Summary This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise framework for all referenced threat actor techniques. This product was written by the Cybersecurity and Infrastructure Security Agency CISA and the Multi-State...

Overlay Malware Targets Windows Users with a DLL Hijack Twist

Brazilians are being warned of a new overlay malware targeting Windows users in order to siphon victims’ financial data and drain their bank accounts. Researchers say what the malware, dubbed Vizom, lacks in sophistication it makes up for in its creative abuse of the Windows ecosystem. Trusteer, ...

CVE-2020-24162

The Shenzhen Tencent app 5.8.2.5300 for PC platforms from Tencent App Center has a DLL hijacking vulnerability. Attackers can use this vulnerability to execute malicious code...

CVE-2019-19161

CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications. A vulnerability in downloading files by CyMiInstaller322 ActiveX caused by an attacker to download randomly generated DLL files and MIPLATFORM to load those DLLs due to insufficient verification...

CVE-2020-10616

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts...

Cool Music is vulnerable to dll hijacking

Cool Music is an online digital music platform. A dll hijacking vulnerability exists in CoolMusic, which can be exploited by an attacker to load an untrusted dynamic link library for command execution...

CVE-2020-9290

An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading...

Good Pressure is vulnerable to DLL hijacking

Good Pressure is a completely free new generation of compression software under 2345. Goodpress has a dll hijacking vulnerability, which can be exploited by attackers to load malicious dlls and execute malicious code...

STAMP Workbench Installer Code Issue Vulnerability

STAMP Workbench is a modeling tool that supports support for STAMP Systems Theory Accident Models and Processes/STPA Systems Theory Process Analysis. A code issue vulnerability exists in the STAMP Workbench installer that can be exploited by an attacker to cause unsafe loading of dynamic link...

JVN#19386781: STAMP Workbench installer may insecurely load Dynamic Link Libraries

STAMP Workbench is a modeling tool for STAMP provided by INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN IPA. It is distirbuted as a ZIP archive or an Windows executable installer. The Windows executable installer contains an issue with the DLL search path, which may lead to insecurely loading...

Cisco Jabber for Windows DLL Preloading Vulnerability (cisco-sa-20190703-jabber-dll)

According to its self-reported version, Cisco Jabber for Windows is affected by a vulnerability in the loading mechanism of specific dynamic link libraries due to insufficient validation of the resources loaded by the application at run time. An authenticated, local attacker can exploit this to...

CVE-2019-1855 Cisco Jabber for Windows DLL Preloading Vulnerability

A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...

New Dridex Variant Slips By Anti-Virus Detection

Researchers have spotted a variant of the Dridex banking trojan with new obfuscation capabilities that help it skirt anti-virus detection. While Dridex has been around since 2011, researchers told Threatpost Friday that they recently spotted phishing emails distributing a never-before-seen varian...