Hi Trying to play with the HD Moore tool on a default HP notebook installation, I have found that the CyberLink products seems vulnerable to this kind of threat. I have check and test the proof of concept generated by dllhijacking and works. The products are:
- CyberLink PowerDirector v7 - CyberLink Power2Go DVD v6.0 The issue is trigger with the iso,pdl,pds,p2g and p2i file formats, and DLL request by the applications is the mfc71loc.dll or mfc71<country>.dll . If interested http://extraexploit.blogspot.com -- http://extraexploit.blogspot.com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
