Mozilla Firefox/Thunderbird/SeaMonkey dwmapi.dll DLL Loading Arbitrary Code Execution Vulnerability

Mozilla Firefox/Thunderbird/SeaMonkey dwmapi.dll DLL Loading Arbitrary Code Execution Vulnerability

References:

Application DLL Load Hijacking (HD Moore)
Exploiting DLL Hijacking Flaws (hdm)
Microsoft Security Advisory 2269637 Released (Microsoft)
More information about the DLL Preloading remote attack vector (Microsoft)
Mozilla Foundation Security Advisory 2010-52 (Mozilla)
Vendor Homepage (Mozilla Foundation)
Microsoft Security Advisory (2269637) (Microsoft)

Privacy Statement
Copyright 2010, SecurityFocus