BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Executable installers are vulnerable^WEVIL (case 34): Microsoft's vs-community-*.exe susceptible to DLL hijacking Jul 01 2016 01:32PM
Stefan Kanthak (stefan kanthak nexgo de)
Hi @ll,

the executable installer for Microsoft's Visual Studio 2015
Community Edition, available from <https://www.visualstudio.com/>,
is vulnerable to DLL hijacking: on a fully patched Windows 7 SP1
it loads the following DLLs from its "application directory"
instead of Windows' "system directory"...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus