CVE-2014-0619

EUVD-2014-0650
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
Affected Products (NVD)
VendorProductVersion
hamstersofthamster_free_zip_archiver
2.0.1.7
𝑥
= Vulnerable software versions
References
http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLL-Hijacking.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/97658
http://packetstormsecurity.com/files/128739/Hamster-Free-ZIP-Archiver-2.0.1.7-DLL-Hijacking.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/97658