ImgBurn 2.4 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution

// source: https://www.securityfocus.com/bid/45657/info ImgBurn is prone to an arbitrary-code-execution vulnerability. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted...

ImgBurn 2.4 - dwmapi.dll DLL Loading Arbitrary Code Execution

ImgBurn 2.4 - dwmapi.dll DLL Loading Arbitrary Code Execution // source: https://www.securityfocus.com/bid/45657/info ImgBurn is prone to an arbitrary-code-execution vulnerability. An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file fr...

Adobe Photoshop CS5 Insecure Library Loading Code Execution (APSB10-30; CVE-2010-3127)

Adobe Photoshop CS5 is a graphics editing program that features a 3D engine. A library-loading vulnerability has been identified in Adobe Photoshop CS5. This vulnerability is due to the application insecurely loading certain librairies from the current working directory, which could allow attacke...

AttacheCase may insecurely load executable files

Overview AttacheCase may use unsafe methods for determining how to load executables .exe. AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search pat...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Movie Maker WMM 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker MSWMM file, aka "Insecure Library Loading Vulnerability."...

Design/Logic Flaw

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

Design/Logic Flaw

Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST...

CVE-2010-3965

The CVE-2010-3965 issue is an Insecure Library Loading (untrusted search path) vulnerability in Windows Media Encoder 9. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP1/SP2, and Windows Server 2008 Gold/SP2. The root cause is that Windows Media Encoder loa...

CVE-2010-3967

CVE-2010-3967 describes an Untrusted Search Path/Insecure Library Loading vulnerability in Microsoft Windows Movie Maker 2.6. A Trojan DLL placed in the current working directory (e.g., a directory containing an MSWMM file) can be loaded by WMM, allowing local users to gain privileges. The issue ...

CVE-2010-3965

Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrat...

MS10-097: Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)

The remote Windows host contains a version of the Internet Connection Signup Wizard that incorrectly restricts the path used for loading external libraries. If an attacker can trick a user on the affected system into opening a specially crafted .ins or .isp file located in the same network...

Adobe Photoshop CS5 < 12.0.2 (APSB10-30)

The installed version of Adobe Photoshop is older than 12.0.2, and hence affected by the following issues : - Insecure library loading, which could result in arbitrary code execution. CVE-2010-3127 - Multiple unspecified vulnerabilities. C Tenable Network Security, Inc. include"compat.inc"; if...

Microsoft Windows multiple security vulnerabilities

OpenType Font parsing memory corruption, task scheduler privilege escalation, usafe DLL loading, multiple kernel vulnerabilities, Consent User Interface privilege escalation, Netlogon DoS...

Microsoft Windows Movie Maker Insecure Library Loading (MS10-093; CVE-2010-3967)

Windows Movie Maker is an application that allows users to create, edit, and add special effects to home movies. A remote code execution vulnerability has been reported in the way that Windows Movie Maker handles the loading of DLL files. The vulnerability is caused when the Windows Movie Maker...

Microsoft Windows Media Encoder Insecure Library Loading (MS10-094; CVE-2010-3965)

Microsoft Windows Media Encoder is a production tool for converting both live and prerecorded audio and video to Windows Media Format. A remote code execution vulnerability has been reported in the way that Microsoft Office handles the loading of DLL files. The vulnerability is caused when the...

Microsoft Windows Address Book Insecure Library Loading (MS10-096; CVE-2010-3147)

The Windows Address Book WAB is an application and service that has a local database and user interface for finding and editing information about people, and it can query network directory servers using Lightweight Directory Access Protocol LDAP. A remote code execution vulnerability has been...

Sulata iSoft (stream.php)local file inclusion vulnerability-vulnerability warning-the black bar safety net

Vulnerability type: a file that contains Vulnerability description: the stream. php download function to the path the filter is not strict, resulting in a local loading for any file with vulnerabilities. Vulnerability analysis: stream.php ..... //the includeonce"../home/library.php"; the...

CVE-2010-4296

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via...

PT-2010-5404 · Vmware · Vmware Server +3

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions 7.0 through 7.1.2 build 301547 VMware Player versions 3.1.x through 3.1.1 build 301547 VMware Server version 2.0.2 VMware Fusion versions 3.1.x through 3.1.1 build 332100 Description: The issue is related to the...