Vulnerability Description
Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Putty | Putty | 0.67 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/archive/1/538848/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036236Broken LinkThird Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.htmlExploitThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/538848/100/0/threadedBroken LinkThird Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036236Broken LinkThird Party AdvisoryVDB Entry
- https://packetstormsecurity.com/files/137742/Putty-Beta-0.67-DLL-Hijacking.htmlExploitThird Party AdvisoryVDB Entry
FAQ
What is CVE-2016-6167?
CVE-2016-6167 is a vulnerability with a CVSS score of 7.8 (HIGH). Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll fi...
How severe is CVE-2016-6167?
CVE-2016-6167 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6167?
Check the references section above for vendor advisories and patch information. Affected products include: Putty Putty.