VYPR

CWE-426

Untrusted Search Path

BaseStableLikelihood: High

Description

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-38

CVEs mapped to this weakness (355)

page 4 of 18
  • CVE-2018-0595HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.05

    Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0594HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.05

    Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0593HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.05

    Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0592HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.05

    Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0563HigJun 26, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse…

  • CVE-2017-7755HigJun 11, 2018
    risk 0.51cvss 7.8epss 0.01

    The Firefox installer on Windows can be made to load malicious DLL files stored in the same directory as the installer when it is run. This allows privileged execution if the installer is run with elevated privileges. Note: This attack only affects Windows operating systems.…

  • CVE-2018-6514HigJun 11, 2018
    risk 0.51cvss 7.8epss 0.01

    In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation.

  • CVE-2018-7884HigJun 5, 2018
    risk 0.51cvss 7.8epss 0.01

    An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl_1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user…

  • CVE-2018-11551HigJun 1, 2018
    risk 0.51cvss 7.8epss 0.03

    AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.

  • CVE-2018-10650HigMay 23, 2018
    risk 0.51cvss 7.8epss 0.01

    There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.

  • CVE-2018-4927HigMay 19, 2018
    risk 0.51cvss 7.8epss 0.04

    Adobe InDesign versions 13.0 and below have an exploitable Untrusted Search Path vulnerability. Successful exploitation could lead to local privilege escalation.

  • CVE-2018-10027HigMay 17, 2018
    risk 0.51cvss 7.8epss 0.00

    ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or…

  • CVE-2018-0580HigMay 14, 2018
    risk 0.51cvss 7.8epss 0.02

    Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with its timestamp prior to April 25, 2018, 12:11:31, and CLIP STUDIO MODELER (for…

  • CVE-2017-2802HigApr 24, 2018
    risk 0.51cvss 7.8epss 0.01

    An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0. A specifically named malicious dll file located in one of directories pointed to by the PATH environment variable will lead to…

  • CVE-2018-6306HigApr 19, 2018
    risk 0.51cvss 7.8epss 0.03

    Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538.

  • CVE-2018-0562HigApr 16, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0561HigApr 16, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-6661HigApr 2, 2018
    risk 0.51cvss 7.8epss 0.01

    DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.

  • CVE-2018-5470HigMar 26, 2018
    risk 0.51cvss 7.8epss 0.01

    Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.

  • CVE-2018-0552HigMar 22, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition for Windows Ver. 5.1.26 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.