Home page logo

bugtraq logo Bugtraq mailing list archives

PDFill Insecure Library Loading
From: robkraus () solutionary com
Date: 9 Jun 2011 13:53:25 -0000

Vulnerability title: PDFill Insecure Library Loading

CVSS Risk Rating: 2.9 (Low)

Product: PDFill PDF Editor 8.0

Application Vendor: PlotSoft

Vendor URL: http://www.plotsoft.com

Public disclosure date: 6/9/2011

Discovered by: Jose Hernandez and Solutionary Engineering Research Team (SERT)

Solutionary ID: SERT-VDN-1008

Solutionary public disclosure URL: http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html

Vulnerability Description: PDFill contains a Insecure Library Loading vulnerability. The libraries identified as being 
vulnerable are mfc70enu.dll and mfc80loc.dll. The vulnerability lies in the way Microsoft Windows loads DLLs. If 
applications load a library from a specific path and call that path implicitly, Microsoft Windows searches several 
default paths to find and load the library. A malicious attacker can create a malicious DLL with the same name and 
place it in a directory where Microsoft Windows searches by default. The application will load the malicious DLL and 
may result result in arbitrary code execution.

Affected software versions: 8.0

Impact: Successful exploitation allows local or remote arbitrary code execution.

Fixed in: Not Fixed

Remediation guidelines: Windows released several tools to be used as workarounds for this vulnerability, however, these 
tools alter basic windows functionality which may result in malfunctioning applications. Test all tools in a test 
environment before deployment in production environments. 

  By Date           By Thread  

Current thread:
  • PDFill Insecure Library Loading robkraus (Jun 09)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]