
Ecava IntegraXor < 3.60.4081 Path Subversion Arbitrary DLL Injection Code Execution

High

Synopsis

A vulnerable version of Ecava IntegraXor has been detected.

Description

Ecava IntegraXor versions prior to 3.60.4081 contain a flaw in the way dynamic-link libraries (DLLs) are loaded. IntegraXor uses a fixed path to look for specific DLLs, but this path could include directories that are untrusted or under user control. If a malicious DLL with the same name as a required DLL is located in the application's current working directory, the malicious DLL will be loaded. This allows an attacker to execute custom code that runs with the privileges of the program or of the user executing the program. The attack could be leveraged remotely by placing the malicious file or library on a network share or in an archive downloaded from a remote source.
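For defenders, the condition described above can be audited by resolving each required DLL against the search path and flagging any load that comes from, or passes through, an untrusted directory. The following is an added example, not code from the advisory or the vendor; the DLL names, directory layout and search order are constructed, since the page does not list the affected libraries.

```python
import os
import tempfile

def _norm(path):
    return os.path.normcase(os.path.realpath(path))

def resolve(dll_name, search_order):
    """Return the first directory in search_order holding dll_name, else None."""
    for directory in search_order:
        try:
            entries = os.listdir(directory)
        except OSError:
            continue  # missing or unreadable directories are skipped
        if any(e.lower() == dll_name.lower() for e in entries):
            return directory
    return None

def audit(required_dlls, search_order, trusted_dirs):
    """Classify each DLL: ok, missing, plantable, or untrusted-load."""
    order = [_norm(d) for d in search_order]
    trusted = {_norm(d) for d in trusted_dirs}
    findings = {}
    for dll in required_dlls:
        hit = resolve(dll, order)
        # Directories consulted before the hit (all of them if nothing is found).
        searched_first = order if hit is None else order[:order.index(hit)]
        if hit is not None and hit not in trusted:
            findings[dll] = "untrusted-load"   # a same-named file already wins
        elif any(d not in trusted for d in searched_first):
            findings[dll] = "plantable"        # a same-named file dropped there would win
        else:
            findings[dll] = "ok" if hit else "missing"
    return findings

def demo():
    # Constructed layout: "work" stands in for the current working directory.
    with tempfile.TemporaryDirectory() as root:
        app, system, work = (os.path.join(root, n) for n in ("app", "system", "work"))
        layout = ((app, ["core.dll"]), (system, ["helper.dll", "codec.dll"]), (work, ["CODEC.DLL"]))
        for d, files in layout:
            os.makedirs(d)
            for f in files:
                open(os.path.join(d, f), "w").close()
        dlls = ["core.dll", "helper.dll", "codec.dll"]  # hypothetical names
        weak = audit(dlls, [app, work, system], [app, system])
        hardened = audit(dlls, [app, system], [app, system])
        return weak, hardened

if __name__ == "__main__":
    print(demo())
```

With the working directory removed from the search order, every constructed DLL resolves from a trusted location.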

Solution

Upgrade to IntegraXor version 3.60.4081 or later.