Changes between Initial Version and Version 5 of Ticket #14571


Timestamp: 09/14/11 15:17:40 (8 years ago)
Author: sdierl
Comment:

The DLL search order is described by Microsoft in [1].

As far as I can tell, the only critical case is a disabled SafeDllSearchMode, in which the application directory and PWD are searched before the system directory.

The application directory is not critical; however, the PWD might be.

Shell links ("shortcuts") [2] can specify a PWD to use for an application. A possible attack scenario could be: Place a malicious Wintab32.dll and a shell link to Pidgin on a machine. The shell link specifies a PWD containing the malicious Wintab32.dll. If the user launches the shell link, Pidgin is started and loads the malicious library.

Still, this requires user cooperation and is a bit theoretical.

[1] http://msdn.microsoft.com/en-us/library/ms682586%28v=vs.85%29.aspx
[2] http://msdn.microsoft.com/en-us/library/bb776891%28v=vs.85%29.aspx
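
An added example (not part of the ticket or of Pidgin's code) that models the search order discussed in the comment above on a constructed directory tree. It goes beyond the comment by also resolving a DLL that is absent from the system directories and a process that has called `SetDllDirectory("")`; the directory names and function names are hypothetical.

```python
import os
import tempfile

DLL = "Wintab32.dll"

def search_order(app_dir, cwd, system_dirs, path_dirs, safe_mode=True, cwd_removed=False):
    """Directories in the order the standard Windows DLL search visits them.

    system_dirs stands for the system, 16-bit system and Windows directories.
    safe_mode models SafeDllSearchMode; cwd_removed models SetDllDirectory("").
    """
    cwd_part = [] if cwd_removed else [cwd]
    if safe_mode:
        return [app_dir, *system_dirs, *cwd_part, *path_dirs]
    return [app_dir, *cwd_part, *system_dirs, *path_dirs]

def resolve(dll, order):
    """Return the name of the first directory in `order` holding `dll`, or None."""
    for directory in order:
        try:
            names = os.listdir(directory)
        except OSError:
            continue  # missing or unreadable directories are skipped
        if dll.lower() in (n.lower() for n in names):  # Windows names are case-insensitive
            return os.path.basename(directory)
    return None

def run_scenarios():
    """Build a constructed tree and resolve DLL under each setting."""
    with tempfile.TemporaryDirectory() as root:
        d = {n: os.path.join(root, n) for n in ("app", "system32", "windows", "link_cwd")}
        for path in d.values():
            os.mkdir(path)
        system_dirs = [d["system32"], d["windows"]]
        # Constructed input: the shortcut's working directory holds a planted copy.
        open(os.path.join(d["link_cwd"], "wintab32.dll"), "w").close()

        def load(**kw):
            return resolve(DLL, search_order(d["app"], d["link_cwd"], system_dirs, [], **kw))

        results = {"absent_safe": load(safe_mode=True),
                   "absent_mitigated": load(safe_mode=True, cwd_removed=True)}
        # Now a genuine copy also exists in the system directory.
        open(os.path.join(d["system32"], DLL), "w").close()
        results["present_safe"] = load(safe_mode=True)
        results["present_unsafe"] = load(safe_mode=False)
        return results

if __name__ == "__main__":
    for name, where in run_scenarios().items():
        print(f"{name}: loaded from {where}")
```

With SafeDllSearchMode enabled the current directory is still searched, only after the system directories, so the result depends on whether a genuine copy exists there.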

  • Ticket #14571

    • Property Milestone changed from 2.10.1 to 3.0.0
  • Ticket #14571 – Description

    initial v5  
    33This can be fixed by using a recent GTK+ version.
    44
    5 [1] http://secunia.com/advisories/45815/
    6 
     5[1] http://secunia.com/advisories/45815/ [[BR]]
    76[2] http://jvn.jp/en/jp/JVN58019849/index.html