7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability

Bugtraq ID:	52069
Class:	Design Error
CVE:	CVE-2012-0223
Remote:	Yes
Local:	No
Published:	Feb 17 2012 12:00AM
Updated:	Feb 21 2012 06:40PM
Credit:	Kuang-Chun Hung
Vulnerable:	7-Technologies TERMIS 2.10
Not Vulnerable:

7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability

7T TERMIS is prone to a vulnerability which allows attackers to execute arbitrary code.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

TERMIS 2.10 is vulnerable; other versions may also be affected.

7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability

Attackers must trick a user into opening a file on a remote WebDAV or SMB share to exploit this issue.

7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability

Solution:
Updates are available. Please see the references for details.

7T TERMIS DLL Loading Arbitrary Code Execution Vulnerability

References:

• Application DLL Load Hijacking (HD Moore)
  
• Exploiting DLL Hijacking Flaws (hdm)
  
• ICSA-12-025-02�??7-TECHNOLOGIES TERMIS DLL HIJACKING (Kuang-Chun Hun)
  
• More information about the DLL Preloading remote attack vector (Microsoft)
  
• TERMIS Homepage (7-Technologies)