In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
CVSS Score
7.8
EPSS Score
0.035
Published
2023-06-01
Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code.
CVSS Score
7.8
EPSS Score
0.001
Published
2020-09-03