PT-2018-5611 · Spidercontrol · Spidercontrol Microbrowser
Published
2018-04-26
·
Updated
2019-10-09
·
CVE-2017-14010
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
SpiderControl MicroBrowser versions 1.6.30.144 and prior
Description:
An uncontrolled search path element issue has been identified, which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded prior to the valid DLL, an attacker could execute arbitrary code on the system.
Recommendations:
For SpiderControl MicroBrowser versions 1.6.30.144 and prior, consider restricting access to the system's search path to prevent malicious DLL files from being loaded, until a patch or fix is available.
Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Spidercontrol Microbrowser