74 matches found
CVE-2020-24567
voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...
CVE-2019-0995
A security feature bypass vulnerability exists when urlmon.dll improperly handles certain Mark of the Web queries, aka 'Internet Explorer Security Feature Bypass Vulnerability'...
CVE-2006-0544
urlmon.dll in Microsoft Internet Explorer 7.0 beta 2 aka 7.0.5296.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a BGSOUND element with its SRC attribute set to "file://" followed by a large number of "-" dash of hyphen characters...
Trojan.Win32.DarkGateLoader MVID-2024-0685 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2024 Original source: https://malvuln.com/advisory/afe012ed0d96abfe869b9e26ea375824.txt Contact: [email protected] Media: x.com/malvuln Threat: Trojan.Win32.DarkGateLoader multi variants Vulnerability: Arbitrary Code Execution Description:...
CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll...
Spoofing
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll...
CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll...
CVE-2023-48861
DLL hijacking vulnerability in TTplayer version 7.0.2, allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll...
TTplayer Security Breach
TTplayer 千千静听 is a free audio media player from China's TTplayer company that supports multiple audio formats. A security vulnerability exists in TTplayer version 7.0.2, which originates from a DLL hijacking vulnerability. The vulnerability can be exploited by an attacker to elevate privileges vi...
CVE-2023-48861
CVE-2023-48861 affects TTplayer (TTplayer 7.0.2). The vulnerability is a DLL hijacking issue in urlmon.dll that allows local attackers to escalate privileges and execute arbitrary code. The available sources consistently describe the core impact but do not provide a confirmed patch. PT-2023-30990...
PT-2023-30990 · Microsoft · Urlmon.Dll
Name of the Vulnerable Software and Affected Versions: TTplayer version 7.0.2 Description: The issue allows local attackers to escalate privileges and execute arbitrary code via urlmon.dll. This is a result of a DLL hijacking vulnerability. Recommendations: For TTplayer version 7.0.2, consider...
CVE-2023-47454
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory...
CVE-2023-47454
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory...
CVE-2023-47454
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory...
CVE-2023-47454
CVE-2023-47454 affects NetEase CloudMusic 2.10.4 on Windows, with a local untrusted search path vulnerability via urlmon.dll in the current working directory that allows local privilege escalation. Multiple connected sources confirm the affected product/version and the root cause; exploitation de...
CVE-2023-47454
An Untrusted search path vulnerability in NetEase CloudMusic 2.10.4 for Windows allows local users to gain escalated privileges through the urlmon.dll file in the current working directory...
CVE-2023-4931
Uncontrolled search path element vulnerability in Plesk Installer affects version 3.27.0.0. A local attacker could execute arbitrary code by injecting DLL files into the same folder where the application is installed, resulting in DLL hijacking in edputil.dll, samlib.dll, urlmon.dll, sspicli.dll,...
CVE-2020-24567
voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...
Design/Logic Flaw
voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuratio...
CVE-2020-24567
The CVE affects voidtools Everything prior to 1.4.1 Beta Nightly 2020-08-18. A local privilege-escalation exists via a Trojan horse urlmon.dll placed in the installation directory, applicable when low-privilege users can write to that directory. The root cause is a writable installation directory...