ThinkVantage Access Connections Insecure Library Loading Vulnerability

Last Update Date: 14 Aug 2013 15:49 Release Date: 14 Aug 2013 3218 Views

RISK: High Risk

High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability has been discovered in ThinkVantage Access Connections, which can be exploited by malicious people to compromise a user's system.

 

The vulnerability is caused due to the application loading libraries (mfc71enu.dll and mfc71loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a LOC file located on a remote WebDAV or SMB share.

 

Successful exploitation allows execution of arbitrary code.

 

Note: No official solution is currently available. 

Impact

  • Remote Code Execution

System / Technologies affected

  • version 6.01

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • No official solution is currently available.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Microsoft Windows ASLR Security Feature Bypass Vulnerability

14 Aug 2013 3321 Views

Next

Microsoft Windows NAT Denial of Service Vulnerability

14 Aug 2013 3300 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY