| Title | PeaZip PeaZip 9.4.0.0 DLL Hijacking |
|---|
| Description | # Exploit Title: - DLL Hijacking
# Date: 17/11/2023
# Exploit Author: Jozic Espinoza
# Vendor Homepage: https://peazip.github.io
# Version: x.x.x.x
# Tested on: Windows
A DLL hijacking vulnerability has been discovered in PeaZip Version x.x.x.x
When a user open the peazip.exe file, the
application will load the following DLL from the same directory:
dragdropfilesdll.dll
Using a crafted DLL, it is possible to execute arbitrary code in the
context of the current logged in user. |
|---|
| User | tfhm (UID 58605) |
|---|
| Submission | 11/18/2023 05:30 (3 years ago) |
|---|
| Moderation | 12/16/2023 13:51 (28 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 248251 [PeaZip 9.4.0 Library dragdropfilesdll.dll uncontrolled search path] |
|---|
| Points | 17 |
|---|