VYPR

CWE-426

Untrusted Search Path

BaseStableLikelihood: High

Description

The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.

Hierarchy (View 1000)

Children

none

Related attack patterns (CAPEC)

CAPEC-38

CVEs mapped to this weakness (355)

page 8 of 18
  • CVE-2015-0974HigAug 28, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privilege by modifying the 'Ucell Internet' directory to reference a malicious mms_dll_r.dll or mediaplayerdll.dll.

  • CVE-2017-11159HigAug 23, 2017
    risk 0.51cvss 7.8epss 0.00

    Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or…

  • CVE-2017-11160HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.00

    Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or (4) dwmapi.dll…

  • CVE-2017-2289HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-2228HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10824HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10823HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10822HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified…

  • CVE-2017-10821HigAug 18, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-6768HigAug 17, 2017
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to a custom…

  • CVE-2017-12892HigAug 16, 2017
    risk 0.51cvss 7.8epss 0.03

    Foxit PDF Compressor installers from versions from 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer.

  • CVE-2017-12480HigAug 6, 2017
    risk 0.51cvss 7.8epss 0.01

    Sandboxie installer 5071703 has a DLL Hijacking or Unsafe DLL Loading Vulnerability via a Trojan horse dwmapi.dll or profapi.dll file in an AppData\Local\Temp directory.

  • CVE-2017-2221HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer of Baidu IME Ver3.6.1.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-10820HigAug 4, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-11657HigAug 4, 2017
    risk 0.51cvss 7.3epss 0.01

    Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.

  • CVE-2015-8264HigAug 2, 2017
    risk 0.51cvss 7.8epss 0.03

    Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe.

  • CVE-2017-2279HigAug 2, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Tween Ver1.6.6.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-11749HigJul 30, 2017
    risk 0.51cvss 7.8epss 0.01

    InternetSoft FTP Commander 8.02 and prior has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll file.

  • CVE-2017-11748HigJul 30, 2017
    risk 0.51cvss 7.8epss 0.01

    VIT Spider Player 2.5.3 has an untrusted search path, allowing DLL hijacking via a Trojan horse dwmapi.dll, olepro32.dll, dsound.dll, or AUDIOSES.dll file.

  • CVE-2017-11742HigJul 30, 2017
    risk 0.51cvss 7.8epss 0.00

    The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.