Posted by Himanshu Mehta on Oct 19

Aloha,

Summary
Evernote contains a DLL hijacking vulnerability that could allow an
unauthenticated, remote attacker to execute arbitrary code on the targeted
system. The vulnerability exists due to some DLL file is loaded by
‘Evernote_6.1.2.2292.exe’ improperly. And it allows an attacker to load
this DLL file of the attacker’s choosing that could execute arbitrary code
without the user’s knowledge.

Affected Product:
Evernote…