VYPR

CWE-426

Untrusted Search Path

BaseStableLikelihood: High

Description

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-38

CVEs mapped to this weakness (355)

page 5 of 18
  • CVE-2018-0540HigMar 22, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in ViX version 2.21.148.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-1437HigMar 14, 2018
    risk 0.51cvss 7.8epss 0.02

    IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the…

  • CVE-2018-1435HigMar 14, 2018
    risk 0.51cvss 7.8epss 0.03

    IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563.

  • CVE-2018-7239HigMar 9, 2018
    risk 0.51cvss 7.8epss 0.03

    A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code.

  • CVE-2018-0544HigMar 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0543HigMar 9, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-7484HigFeb 26, 2018
    risk 0.51cvss 7.8epss 0.02

    An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM privileges, tries to load…

  • CVE-2018-0516HigFeb 16, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in FLET'S v4 / v6 address selection tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-0515HigFeb 16, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in "FLET'S Azukeru Backup Tool" version 1.5.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-1711HigFeb 13, 2018
    risk 0.51cvss 7.8epss 0.01

    IBM iNotes 8.5 and 9.0 SUService can be misguided into running malicious code from a DLL masquerading as a windows DLL in the temp directory. IBM X-Force ID: 134532.

  • CVE-2018-0517HigFeb 8, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Anshin net security for Windows Version 16.0.1.44 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2018-6461HigFeb 5, 2018
    risk 0.51cvss 7.8epss 0.02

    March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current…

  • CVE-2018-6318HigFeb 2, 2018
    risk 0.51cvss 7.8epss 0.01

    In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its…

  • CVE-2018-6475HigJan 31, 2018
    risk 0.51cvss 7.8epss 0.01

    In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.

  • CVE-2018-0507HigJan 26, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.11 and earlier versions allow an attacker to gain privileges via a Trojan horse DLL in an unspecified…

  • CVE-2017-7327HigJan 19, 2018
    risk 0.51cvss 7.8epss 0.01

    Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll.

  • CVE-2017-5696HigJan 18, 2018
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.

  • CVE-2017-15913HigJan 8, 2018
    risk 0.51cvss 7.8epss 0.01

    The Installer in Whale allows DLL hijacking.

  • CVE-2017-17010HigDec 27, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Content Manager Assistant for PlayStation version 3.55.7671.0901 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10909HigDec 22, 2017
    risk 0.51cvss 7.8epss 0.02

    Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.