| Titre | flo's freeware Notepad2 4.2.25 DLL Hijacking |
|---|
| Description | Security vulnerability: DLL Hijacking
Affected Component: Notepad2
Product: Notepad2
Version: 4.2.25
Vendor: flo's freeware (https://www.flos-freeware.ch/)
Vulnerability Description
A vulnerability has been discovered affecting Notepad2, allowing DLL hijacking upon software startup.
Impact
By exploiting this vulnerability, a malicious user could send a malicious DLL file along with legitimate software, causing Notepad2 to automatically execute the malicious code with the same privileges as the user who installed the software. This could allow an attacker to use the credibility of the authentic software to execute arbitrary commands, compromise data, or alter system functionality, jeopardizing the security and integrity of the environment.
To reproduce:
1) Note that when Notepad2 starts, it calls the folder where the software was run, searching for a missing DLL file called "Msimg32.dll".
2) This way, create a malicious exe file called "Msimg32.dll" and paste it into the folder where the software will run.
3) Start the Notepad2 normally.
4) The malicious DLL will be loaded automatically.
|
|---|
| La source | ⚠️ https://github.com/Cyber-Wo0dy/report/blob/main/notepad2/4.2.25/notepad2_dll_hijacking.md |
|---|
| Utilisateur | Anonymous User |
|---|
| Soumission | 30/01/2026 13:33 (il y a 3 mois) |
|---|
| Modérer | 15/02/2026 10:25 (16 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 346126 [Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25 Msimg32.dll élévation de privilèges] |
|---|
| Points | 20 |
|---|