Vulnerability Description
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hamstersoft | Hamster Free Zip Archiver | 2.0.1.7 |
References
- http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97658
- http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLExploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/97658
FAQ
What is CVE-2014-0619?
CVE-2014-0619 is a vulnerability with a CVSS score of 6.9 (MEDIUM). Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in...
How severe is CVE-2014-0619?
CVE-2014-0619 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0619?
Check the references section above for vendor advisories and patch information. Affected products include: Hamstersoft Hamster Free Zip Archiver.