4 matches found
CVE-2012-3004
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse 1 realwin.dll or 2 keyhook.dll file in the current working directory...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse 1 realwin.dll or 2 keyhook.dll file in the current working directory...
CVE-2012-3004
The CVE-2012-3004 issue is a DLL hijack vulnerability (CWE-427) in RealFlex RealWinDemo (and related components RealWin, FlexView). An attacker who can place a malicious realwin.dll or keyhook.dll in the current working directory could trigger arbitrary code execution with local privileges. Affec...
RealFlex RealWinDemo DLL Hijack
Overview Independent researcher Carlos Mario Penagos Hollmann has identified an uncontrolled search path element vulnerability, commonly referred to as a DLL hijack, in the RealFlex RealWinDemo application. RealFlex Technologies has produced an upgrade to address this vulnerability, which Mr...