EUVD-2019-1847

Malware in sbrugna...

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

Security Bulletin: Various IBM WebSphere MQ Installers are susceptible to DLL-planting vulnerabilities (CVE-2016-2542 & CVE-2016-4560)

Summary Various IBM WebSphere MQ graphical user interface installers are susceptible to a DLL-planting vulnerability where a malicious DLL, that is present in the Windows search path, could be loaded by the operating system in place of the genuine file. The vulnerability affects Windows executabl...

SoftMaker Office 201x Privilege Escalation

Hi @ll, the service pack installers for SoftMaker Office 201x, available from , are surprise.- vulnerable. The executable installer OUCH ofw16763.exe, a 7z SFX OUCH, creates an UNPROTECTED directory "%TEMP%\7zSxxxxxxxx" to extract its payload, then executes "%TEMP%\7zSxxxxxxxx\spsetup.exe"...

InstallShield DLL Hijacking

Hi @ll, executable installers ° created with InstallShield see alias are vulnerable: 1. Their wrappers/self-extractors load and execute a rogue/bogus/ malicious RichEd32.dll ' and other DLLs too, dependent on the version of Windows eventually found in the directory they are started from the...

ESET NOD32 Antivirus DLL Hijacking

Hi @ll, the executable installer ° of ESET's NOD32 antivirus, esetnod32antivirusliveinstaller.exe, loads and executes at least the rogue/bogus/malicious Cabinet.dll and DbgHelp.dll eventually found in the directory it is started from ' the "application directory". For software downloaded with a w...

Google Chrome DLL Hijack

Hi @ll, the executable installers ° of Google Chrome are vulnerable: 1. ChromeStandaloneSetup.exe and ChromeSetup.exe load and execute a rogue/bogus/malicious CryptBase.dll under Windows NT6.x from their "application directory" '. For software downloaded with a web browser this is typically the...

JRSoft InnoSetup DLL Hijack

Hi @ll, executable installers ° created with JRSoft InnoSetup see ; this includes of course InnoSetup itself too are vulnerable: 1. They load and execute a rogue/bogus/malicious UXTheme.dll ' eventually found in the directory they are started from the "application directory". For software...