#2182 SECURITY: 2.14.0 Installer vulnerable to DLL Hijacking

Trunk
open
nobody
security (1)
3
2016-03-29
2016-03-29
No

The WinMerge 2.14.0 installer is vulnerable to a DLL hijacking attack of dwmapi.dll, allowing attacker-supplied code to run in the elevated context of the WinMerge installer.

https://textplain.wordpress.com/2015/12/18/dll-hijacking-just-wont-die/

Discussion


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks