Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DLL Sideloading in ScreenToGif
Vulnerability Description
ScreenToGif is a screen recording tool. In versions from 2.42.1 and prior, ScreenToGif is vulnerable to DLL sideloading via version.dll . When the portable executable is run from a user-writable directory, it loads version.dll from the application directory instead of the Windows System32 directory, allowing arbitrary code execution in the user's context. This is especially impactful because ScreenToGif is primarily distributed as a portable application intended to be run from user-writable locations. At time of publication, there are no publicly available patches.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
不可信的搜索路径
Vulnerability Title
ScreenToGif 安全漏洞
Vulnerability Description
ScreenToGif是Nicke Manarin个人开发者的一个屏幕录制与GIF制作工具。 ScreenToGif 2.42.1及之前版本存在安全漏洞,该漏洞源于存在DLL侧加载漏洞,可能导致在用户上下文中执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A