Описание
ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator.
Ссылки
- ProductVendor Advisory
- Third Party Advisory
- ProductVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:showmypc:showmypc:3606:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
7.3 High
CVSS3
Дефекты
CWE-427
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC\-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator.
EPSS
Процентиль: 18%
0.00057
Низкий
7.3 High
CVSS3
Дефекты
CWE-427