16 matches found
CVE-2023-25005
A maliciously crafted DLL file can be forced to read beyond allocated boundaries in Autodesk InfraWorks 2023, and 2021 when parsing the DLL files could lead to a resource injection vulnerability...
CVE-2019-19688
A privilege escalation vulnerability in Trend Micro HouseCall for Home Networks versions below 5.3.0.1063 could be exploited allowing an attacker to place a malicious DLL file into the application directory and elevate privileges...
CVE-2024-11454
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized...
CVE-2023-27908
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability...
CVE-2022-23104 WIN-911 2021 Incorrect Default Permissions
WIN-911 2021 R1 and R2 are vulnerable to a permissions misconfiguration that may allow an attacker to locally write files to the program Operator Workspace directory, which holds DLL files and executables. A low-privilege attacker could write a malicious DLL file to the Operator Workspace directo...
Path traversal
Adobe Creative Cloud Desktop version 2.7.0.13 and earlier is affected by an Uncontrolled Search Path Element vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must download a...
CVE-2020-12891
AMD Radeon Software may be vulnerable to DLL Hijacking through path variable. An unprivileged user may be able to drop its malicious DLL file in any location which is in path environment variable...
Design/Logic Flaw
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. This vulnerability is due to incorrect handling of directory search paths at run time. An attacker could exploit this...
EV Live Assistant suffers from dll hijacking vulnerability
Ev Live Streaming Assistant is an unmanned live streaming software. EV Live Assistant suffers from a dll hijacking vulnerability. An attacker can exploit this vulnerability to load a fake malicious dll file and gain control of the server...
CVE-2021-1240
A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to...
CVE-2021-1240 Cisco Proximity Desktop for Windows DLL Hijacking Vulnerability
A vulnerability in the loading process of specific DLLs in Cisco Proximity Desktop for Windows could allow an authenticated, local attacker to load a malicious library. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to...
Acronis: TrueImage for Acronis True Image 2020 - Untrusted DLL Search-Ordering lead to Privilege Escalation as Administrative account
Vulnerability description not provided...
CVE-2019-1855 Cisco Jabber for Windows DLL Preloading Vulnerability
A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The...
Input validation
An untrusted search path aka DLL Preloading vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to execute arbitrary code via DLL hijacking if a local user with administrative privileges executes the installer in the current working directory wher...
CVE-2017-9646
An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader HCDownloader Version 1.0.1.15 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL...
Adobe Reader 9.3.0 DLL Hijacking
===================================================== Adobe Reader 9.3.0 - DLL Hijacking ===================================================== Vendor Homepage: https://www.adobe.com/ Date: 24 Oct 2016 Version : 9.3.0 Author: Ashiyane Digital Security Team Contact: [email protected]...