vendor:
Windows Internet Communication Settings
by:
ALPdaemon
9,3
CVSS
HIGH
DLL Hijacking
427
CWE
Product Name: Windows Internet Communication Settings
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows XP SP3 English
2010
Windows Internet Communication Settings DLL Hijacking Exploit (schannel.dll)
This exploit allows an attacker to execute arbitrary code by hijacking the Windows Internet Communication Settings DLL (schannel.dll). The attacker can create a malicious .isp file that contains a malicious DLL with the same name as the legitimate DLL. When the legitimate DLL is loaded, the malicious DLL will be loaded instead, allowing the attacker to execute arbitrary code.
Mitigation:
Ensure that all applications are running with the least privileges necessary. Also, ensure that all applications are up to date with the latest security patches.
