Re: [FD] Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege

2015-12-31 Thread Stefan Kanthak
Mitja Kolsek wrote:
> Hi Stefan and all,
>
>> See the "CWDIllegalInDllSearchPath" setting introduced with KB2264107
>> about 5 years ago, after ACROS finally got enough attention for the
>> vulnerability first published as CVE-2000-0854 (that was 15 years ago,
>> but

[FD] Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution

2015-12-31 Thread Stefan Kanthak
Hi @ll, TrendMicro_MAX_10.0_US-en_Downloader.exe (available from ) loads and executes ProfAPI.dll and UXTheme.dll (and other DLLs too) eventually found in the directory it is started from (the "application