High severity7.8NVD Advisory· Published Jan 23, 2017· Updated May 13, 2026
CVE-2016-1281
CVE-2016-1281
Description
Untrusted search path vulnerability in the installer for TrueCrypt 7.2 and 7.1a, VeraCrypt before 1.17-BETA, and possibly other products allows local users to execute arbitrary code with administrator privileges and conduct DLL hijacking attacks via a Trojan horse DLL in the "application directory", as demonstrated with the USP10.dll, RichEd20.dll, NTMarta.dll and SRClient.dll DLLs.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2016/01/11/1nvdPatchThird Party Advisory
- seclists.org/fulldisclosure/2016/Jan/22nvdExploitMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.