CVE-2011-0403

Name of the Vulnerable Software and Affected Versions ImgBurn versions 2.4.0.0 through 2.5.4.0

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file.

Recommendations For ImgBurn versions 2.4.0.0 through 2.5.4.0, consider removing or restricting access to the dwmapi.dll file in the same folder as CUE files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.