Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player
Jun 17 2016 05:39AM
Stefan Kanthak (stefan kanthak nexgo de)
the executable (un)installers for Flash Player before version
126.96.36.199 and 188.8.131.520 (both released on 2016-06-15) are
vulnerable to DLL hijacking: they load and execute multiple
Windows system DLLs from their "application directory" instead
of Windows' "system directory" %SystemRoot%\Sy...
[ more ]
Copyright 2010, SecurityFocus