Описание
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
Ссылки
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Mailing ListThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 1.17.44183 (включая)
cpe:2.3:a:amazon:kindle_for_pc:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.001
Низкий
7.3 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-426
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
EPSS
Процентиль: 28%
0.001
Низкий
7.3 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-426