| タイトル | flo's freeware Notepad2 4.2.25 DLL Hijacking |
|---|
| 説明 | Security vulnerability: DLL Hijacking
Affected Component: Notepad2
Product: Notepad2
Version: 4.2.25
Vendor: flo's freeware (https://www.flos-freeware.ch/)
Vulnerability Description
A vulnerability has been discovered affecting Notepad2, allowing DLL hijacking upon software startup.
Impact
By exploiting this vulnerability, a malicious user could send a malicious DLL file along with legitimate software, causing Notepad2 to automatically execute the malicious code with the same privileges as the user who installed the software. This could allow an attacker to use the credibility of the authentic software to execute arbitrary commands, compromise data, or alter system functionality, jeopardizing the security and integrity of the environment.
To reproduce:
1) Note that when Notepad2 starts, it calls the folder where the software was run, searching for a missing DLL file called "Msimg32.dll".
2) This way, create a malicious exe file called "Msimg32.dll" and paste it into the folder where the software will run.
3) Start the Notepad2 normally.
4) The malicious DLL will be loaded automatically.
|
|---|
| ソース | ⚠️ https://github.com/Cyber-Wo0dy/report/blob/main/notepad2/4.2.25/notepad2_dll_hijacking.md |
|---|
| ユーザー | Anonymous User |
|---|
| 送信 | 2026年01月30日 13:33 (3 月 ago) |
|---|
| モデレーション | 2026年02月15日 10:25 (16 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 346126 [Flos Freeware Notepad2 4.2.22/4.2.23/4.2.24/4.2.25 Msimg32.dll 特権昇格] |
|---|
| ポイント | 20 |
|---|