PT-2023-30318 · Bleachbit · Bleachbit

Dhulliger

Publicado

2023-11-08

Atualizado

2025-10-22

CVE-2023-47113

CVSS v3.1

7.3

Alta

Vetor

AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions BleachBit for Windows versions 4.4.2 and earlier

Description BleachBit for Windows is vulnerable to a DLL Hijacking issue. This allows an attacker to run arbitrary code on every execution of BleachBit for Windows by placing a DLL in a specific folder, such as c:DLLs.

Recommendations For versions 4.4.2 and earlier, update to version 4.5.0 to resolve the issue. As a temporary workaround, consider restricting access to the folder where the DLL can be placed, such as c:DLLs, to minimize the risk of exploitation.

Exploit

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2023-47113

GHSA-J8JC-F6P7-55P8

OPENSUSE-SU-2025:15657-1

Produtos afetados

Bleachbit

PT-2023-30318 · Bleachbit · Bleachbit

CVE-2023-47113

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13