exploitDog

CVE-2022-44939

Опубликовано: 06 янв. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.

Ссылки

https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt
Exploit
Third Party Advisory
https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:echatserver:easy_chat_server:3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

CWE-427

Связанные уязвимости

GHSA-gqx3-wh79-gf57

CVSS3: 7.8

github

около 3 лет назад

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.

EPSS

Процентиль: 23%

0.00077

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

CWE-427