| عنوان | Google Earth Pro v7.3.4.8642 - DLL Hijacking |
|---|
| الوصف | Title: Google Earth Pro v7.3.4.8642 - DLL Hijacking PoC
Date: 07/09/2022
Author: MrEmpy
Vendor Homepage: https://www.google.com/
Software Link: https://www.google.com.br/earth/
Version: 7.3.4.8642
Tested on: Windows
Title:
================
Google Earth Pro v7.3.4.8642 - DLL Hijacking PoC
Summary:
================
Google Earth Pro version 7.3.4.8642 is vulnerable to a DLL Hijacking attack by exchanging a DLL in the software's main directory. DLL swapping can lead a malicious user to arbitrarily execute malicious code.
This vulnerability is considered a day 0 fault, as it was discovered recently and the company responsible for the software was not notified or aware of this issue.
Affected Product:
================
Google Earth Pro v7.3.4.8642
Proof of Concept:
================
There is a video demonstrating the attack. The video doesn't show in detail, because as mentioned above, this flaw was discovered recently and the company that owns the software doesn't know this weakness.
https://www.youtube.com/watch?v=YGOWlIXf5-0 |
|---|
| المصدر | ⚠️ https://www.google.com.br/earth/ |
|---|
| المستخدم | mrempy (UID 24379) |
|---|
| ارسال | 07/09/2022 03:30 PM (4 سنوات منذ) |
|---|
| الاعتدال | 16/09/2022 07:14 AM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 208721 [Google Earth Pro 7.3.4.8642 على Windows تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|