Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
BleachBit for Windows Has DLL Untrusted Path Vulnerability
Vulnerability Description
BleachBit cleans files to free disk space and to maintain privacy. BleachBit for Windows up to version 4.6.2 is vulnerable to a DLL Hijacking vulnerability. By placing a malicious DLL with the name uuid.dll in the folder C:\Users\<username>\AppData\Local\Microsoft\WindowsApps\, an attacker can execute arbitrary code every time BleachBit is run. This issue has been patched in version 4.9.0.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
BleachBit 代码问题漏洞
Vulnerability Description
BleachBit是BleachBit开源的一个免费的开源磁盘空间清理器,隐私管理器和计算机系统优化器。 BleachBit 4.6.2及之前版本存在代码问题漏洞,该漏洞源于DLL劫持,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A