Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TrueCrypt和VeraCrypt 安全漏洞
Vulnerability Description
TrueCrypt和VeraCrypt都是免费、开源的磁盘加密软件。 VerCrypt 1.16及之前的版本、TrueCrypt 7.2版本和7.1a版本中的installer存在不可信的搜索路径漏洞。本地攻击者可利用该漏洞以管理员权限执行任意代码,实施DLL劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A