Executable installers are vulnerable^WEVIL (case 49): 1Password-4.6.1.619.exe allows arbitrary code execution

Posted by Stefan Kanthak on Apr 07

Hi @ll,

1Password-4.6.1.619.exe, available from
<https://d13itkw33a7sus.cloudfront.net/dist/1P/win4/1Password-4.6.1.619.exe>
is vulnerable to DLL hijacking: it loads UXTheme.dll or DWMAPI.dll
from its “application directory” instead Windows
“system directory”.

For downloaded applications like 1Password-4.6.1.619.exe the
“application directory” is Windows’ “Downloads” folder.

See <…

Leave a Reply