| Title | Notepad Notepad++ 8.1 DLL Hijacking |
|---|
| Description | # Exploit Title: NotePad V8.1 - DLL Hijacking
# Date: 2023-08-09
# Exploit Author: Jozic Espinoza
# Vnedor site:https://notepad-plus-plus.org/
# Version: 8.1 and before
# Tested on: Windows
A DLL hijacking vulnerability has been discovered in NotePad++ Version 8.1and before
When a user open a notepad.exe file , the
application will load the following DLL from the same directory:
dbghelp.exe
Using a crafted DLL, it is possible to execute arbitrary code in the
context of the current logged in user.
|
|---|
| User | tfhm (UID 58605) |
|---|
| Submission | 11/18/2023 05:40 (3 years ago) |
|---|
| Moderation | 11/30/2023 09:54 (12 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 246421 [NotePad++ up to 8.1 dbghelp.exe uncontrolled search path] |
|---|
| Points | 17 |
|---|