Описание
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.
Комментарий
Per: http://cwe.mitre.org/data/definitions/426.html
CWE-426 - 'Untrusted Search Path Vulnerability'
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.0.8703 (включая)
Одно из
cpe:2.3:a:teamviewer:teamviewer:*:*:*:*:*:*:*:*
cpe:2.3:a:teamviewer:teamviewer:1.85:*:*:*:*:*:*:*
cpe:2.3:a:teamviewer:teamviewer:2.44:*:*:*:*:*:*:*
cpe:2.3:a:teamviewer:teamviewer:3.6.5523:*:*:*:*:*:*:*
cpe:2.3:a:teamviewer:teamviewer:4.1.8107:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02214
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a .tvs or .tvc file.
EPSS
Процентиль: 84%
0.02214
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other