N/A

Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file.

N/A

N/A

ImgBurn ImgBurn.exe文件不可信搜索路径漏洞

ImgBurn 是一款简单易用而且完全免费的CD/DVD镜像文件刻录软件，支持所有最新型刻录机，能够写入大部分CD/DVD镜像格式。 ImgBurn 2.4.0.0，2.5.4.0及其他版本中的ImgBurn.exe中存在不可信搜索路径漏洞。本地用户及远程攻击者可借助与CUE文件位于相同文件夹中的Trojan木马dwmapi.dll执行代码并执行DLL劫持攻击。

N/A

N/A