Vulnerabilities > CVE-2011-0403 - DLL Loading Arbitrary Code Execution vulnerability in ImgBurn 'dwmapi.dll'
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
Vulnerable Configurations
Exploit-Db
description | ImgBurn 2.4 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability. CVE-2011-0403. Dos exploit for windows platform |
id | EDB-ID:35163 |
last seen | 2016-02-04 |
modified | 2011-01-01 |
published | 2011-01-01 |
reporter | d3c0der |
source | https://www.exploit-db.com/download/35163/ |
title | ImgBurn 2.4 - 'dwmapi.dll' DLL Loading Arbitrary Code Execution Vulnerability |