f.lux DLL Hijacking
Aloha, f.lux suffers from a DLL hijacking vulnerability. "flux-setup.exe" loads and executes dll from its "application directory". For software downloaded with a web browser the applicationdirectory is typically the user's "Downloads" directory: see , and for "prior art" about this well-known and...