RSS   Vulnerabilities for 'Ultraedit'   RSS

2020-03-02
 
CVE-2017-12580

CWE-426
 

 
An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL. This DLL must be preloaded by the executable (for example, "ntmarta.dll"). When the installer EXE is executed by the user, the DLL located in the EXE's current directory will be loaded instead of the Windows DLL, allowing the attacker to run arbitrary code on the affected system.

 
2010-09-16
 
CVE-2010-3402

CWE-Other
 

 
Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.

 

 >>> Vendor: Ultraedit 2 Products
Ultraedit-32
Ultraedit


Copyright 2024, cxsecurity.com

 

Back to Top