CVE-2019-9116

Name of the Vulnerable Software and Affected Versions Sublime Text 3 version 3.1.1 build 3176

Description DLL hijacking is possible because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime text.exe to open a .txt file within an attacker's %LOCALAPPDATA%Tempsublime text folder. The vendor's position is that this issue is not a bug with Sublime Text, but rather one with Windows that has been patched.

Recommendations For Sublime Text 3 version 3.1.1 build 3176, consider avoiding the use of sublime text.exe to open files from untrusted locations until the issue is resolved. As a temporary workaround, restrict access to the %LOCALAPPDATA%Tempsublime text folder to minimize the risk of exploitation.