Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- > [Suggested description]
- > ESTsoft ALZip before 10.76 allows local users to execute arbitrary
- > code via creating a malicious .DLL file and installing it in a
- > specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats,
- > %PROGRAMFILES%\ESTsoft\ALZip\Coders,
- > %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or
- > %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders.
- >
- > ------------------------------------------
- >
- > [Additional Information]
- > POC download url : https://srvlin.kr/poc/mal_x86.zip
- >
- > ------------------------------------------
- >
- > [VulnerabilityType Other]
- > Untrusted Search Path (CWE-426)
- >
- > ------------------------------------------
- >
- > [Vendor of Product]
- > ESTsoft
- >
- > ------------------------------------------
- >
- > [Affected Product Code Base]
- > Alzip - 10.75.0.0 and under version
- >
- > ------------------------------------------
- >
- > [Affected Component]
- > Alzip
- >
- > ------------------------------------------
- >
- > [Attack Type]
- > Local
- >
- > ------------------------------------------
- >
- > [Impact Code execution]
- > true
- >
- > ------------------------------------------
- >
- > [Attack Vectors]
- > An attacker could exploit this vulnerability by creating a malicious DLL file and installing it in a specific directory.
- > + 32bit : C:\Program Files\ESTsoft\ALZip\Formats\ C:\Program Files\ESTsoft\ALZip\Coders\
- > + 64bit : C:\Program Files (x86)\ESTsoft\ALZip\Formats\, C:\Program Files (x86)\ESTsoft\ALZip\Coders\
- >
- > ------------------------------------------
- >
- > [Discoverer]
- > KwangHyung Lee, EQST Lab, SKinfosec
- >
- > ------------------------------------------
- >
- > [Reference]
- > https://www.altools.co.kr/Support/Notice_Contents.aspx?idx=1640&page=1&t=2
- Use CVE-2018-10027.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement