Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

CyberLink products vulnerable to DLLHijacking

From: exploit dev <extraexploit () gmail com>
Date: Thu, 26 Aug 2010 04:55:16 +0200
Hi

Trying to play with the HD Moore tool on a default HP  notebook
installation, I have found that the CyberLink products seems vulnerable to
this kind of threat. I have check and test the proof of concept generated by
dllhijacking and works. The products are:

- CyberLink PowerDirector v7
- CyberLink Power2Go DVD v6.0

The issue is trigger with the iso,pdl,pds,p2g and p2i file formats, and DLL
request by the applications is the mfc71loc.dll or mfc71<country>.dll . If
interested http://extraexploit.blogspot.com

-- 
http://extraexploit.blogspot.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: