CVE-2011-5155

Name of the Vulnerable Software and Affected Versions Help & Manual version 5.5.1 Build 1296

Description The issue allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory. This can be demonstrated by a directory containing specific file types, including .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm files.

Recommendations For Help & Manual version 5.5.1 Build 1296, consider restricting access to the current working directory to prevent the placement of malicious ijl15.dll files until a patch is available. As a temporary workaround, avoid using directories that contain the specified file types in the affected software.