Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

MS Windows Insecure Library Loading Remote Code Execution Vulnerabilities (2269637)

Information

Severity

Severity

Critical

Family

Family

Windows

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

13 years ago

Modified

Modified

4 years ago

Summary

This host is prone to Remote Code Execution vulnerabilities.

Insight

Insight

The flaws are due to: - An error in the loading of dynamic link libraries (DLLs). If an application does not securely load DLL files, an attacker may be able to cause the application to load an arbitrary library. - A specific insecure programming practices that allow so-called 'binary planting' or 'DLL preloading attacks', which allows the attacker to execute arbitrary code in the context of the user running the vulnerable application when the user opens a file from an untrusted location.

Affected Software

Affected Software

Microsoft Windows 7 Microsoft Windows XP Service Pack 3 and prior Microsoft Windows 2003 Service Pack 2 and prior Microsoft Windows Vista Service Pack 2 and prior. Microsoft Windows Server 2008 Service Pack 2 and prior.

Solution

Solution

The vendor has released updates. Please see the references for more information.