Demon tool lite is vulnerable to DLL Hijacking. An attacker can place a malicious mfc80loc.dll in the same folder as a .mds file and execute the .mds file in Demon tool lite. This will cause the malicious DLL to be executed, resulting in arbitrary code execution.
Google Earth suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .kmz thru quserex.dll and wintab32.dll libraries.
Winamp 5.581 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .669, .aac, .aiff, .amf, .au, .avr, .b4s, .caf and .cda thru wnaspi32.dll and dwmapi.dll libraries.
Media Player Classic (MPC) is a compact media player for 32-bit Microsoft Windows. The application mimics the look and feel of the old, lightweight Windows Media Player 6.4 but integrates most options and features found in modern media players. It and its forks are standard media players in the K-Lite Codec Pack and the Combined Community Codec Pack. Media Player Classic suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .mka, .ra and .ram thru iacenc.dll library.
Corel PHOTO-PAINT X3 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .cpt thru crlrib.dll library.
CorelDRAW X3 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .cmx and .csl thru crlrib.dll library. Compile and rename to crlrib.dll, create a file test.cmx or test.csl and put both files in same dir and execute.
Adobe ExtendScript Toolkit CS5 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extension is .jsx thru dwmapi.dll library.
Adobe Extension Manager CS5 suffers from a dll hijacking vulnerability that enables the attacker to execute arbitrary code on a local level. The vulnerable extensions are .mxi and .mxp thru dwmapi.dll library.
This exploit is based on the exploit from 'TheLeader' and affects the latest version of Mozilla Thunderbird 3.1.2. It is a DLL hijacking exploit that targets vulnerable extensions such as .eml and .html. The code includes a malicious function 'evil()' which executes the Windows calculator when called.
This exploit allows an attacker to execute arbitrary code by hijacking the Windows Internet Communication Settings DLL (schannel.dll). The attacker can create a malicious .isp file that contains a malicious DLL with the same name as the legitimate DLL. When the legitimate DLL is loaded, the malicious DLL will be loaded instead, allowing the attacker to execute arbitrary code.
Services By CQR