Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
BID:58131
Info
Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
| Bugtraq ID: | 58131 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 23 2013 12:00AM |
| Updated: | Feb 23 2013 12:00AM |
| Credit: | Julien Ahrens (MrTuxracer) |
| Vulnerable: |
Photodex ProShow Producer 5.0.3297 |
| Not Vulnerable: | |
Discussion
Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
Photodex ProShow Producer is prone to multiple arbitrary code-execution vulnerabilities.
An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a customized library file from application path which contains a specially crafted code. Successful exploits will compromise the application in the context of the currently logged-in user.
Photodex ProShow Producer 5.0.3297 is vulnerable; other versions may also be affected.
Photodex ProShow Producer is prone to multiple arbitrary code-execution vulnerabilities.
An attacker can exploit these issues by enticing a legitimate user to use the vulnerable application to open a customized library file from application path which contains a specially crafted code. Successful exploits will compromise the application in the context of the currently logged-in user.
Photodex ProShow Producer 5.0.3297 is vulnerable; other versions may also be affected.
References
Photodex ProShow Producer Multiple DLL Loading Arbitrary Code Execution Vulnerabilities
References:
References:
- [IA48] Photodex ProShow Producer v5.0.3297 Insecure Library Loading Vulnerabilit (Inshell Security)
- Photodex Homepage (Photodex Corporation )