Vulnerability Details CVE-2014-0619
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.1%
CVSS Severity
CVSS v2 Score 6.9
References
- http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLL-Hijacking.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97658
- http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLL-Hijacking.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97658
Products affected by CVE-2014-0619
-
cpe:2.3:a:hamstersoft:hamster_free_zip_archiver:2.0.1.7