Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
MemProcFS < 5.17 DLL/Shared Library Hijacking
Vulnerability Description
MemProcFS before 5.17 contains multiple unsafe library-loading patterns that enable DLL and shared-library hijacking across six attack surfaces, including bare-name LoadLibraryU and dlopen calls without path qualification for vmmpyc, libMSCompression, and plugin DLLs. An attacker who places a malicious DLL or shared library in the working directory or manipulates LD_LIBRARY_PATH can achieve arbitrary code execution when MemProcFS loads.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
MemProcFS 代码问题漏洞
Vulnerability Description
MemProcFS是Ulf Frisk个人开发者的一个物理内存虚拟文件系统分析工具。 MemProcFS 5.17之前版本存在代码问题漏洞,该漏洞源于存在多个不安全的库加载模式,可能导致DLL和共享库劫持,从而执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A