BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
[CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player Jun 17 2016 05:39AM
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the executable (un)installers for Flash Player before version
22.0.0.192 and 18.0.0.360 (both released on 2016-06-15) are
vulnerable to DLL hijacking: they load and execute multiple
Windows system DLLs from their "application directory" instead
of Windows' "system directory" %SystemRoot%\Sy...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus