Bruno Filipe

**Name of the Vulnerable Software and Affected Versions** avast! Free Antivirus versions 5.0.594 and earlier **Description** The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse mfc90loc.dll located in the same folder as an avast license (.avastlic) file. **Recommendations** For avast! Free Antivirus versions 5.0.594 and earlier, update to a version later than 5.0.594 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Adobe Dreamweaver CS5 version 11.0 build 4916 Adobe Dreamweaver CS5 version 11.0 build 4909 Adobe Dreamweaver CS5 (other versions probably affected) **Description** The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse `mfc90loc.dll` or `dwmapi.dll` located in the same folder as a CSS, PHP, ASP, or other file that automatically launches the software. **Recommendations** For Adobe Dreamweaver CS5 version 11.0 build 4916, consider removing or restricting access to the `mfc90loc.dll` and `dwmapi.dll` files in the same folder as files that launch the software. For Adobe Dreamweaver CS5 version 11.0 build 4909, consider removing or restricting access to the `mfc90loc.dll` and `dwmapi.dll` files in the same folder as files that launch the software. For other probably affected versions of Adobe Dreamweaver CS5, consider removing or restricting access to the `mfc90loc.dll` and `dwmapi.dll` files in the same folder as files that launch the software.