Full Disclosure

Executable installers are vulnerable^WEVIL (case 46): Pelles C allows arbitrary code execution

January 22, 2017 007admin Leave a comment

Posted by Stefan Kanthak on Jan 22

Hi @ll,

the executable installers of “Pelle’s C”,
<http://smorgasbordet.com/pellesc/800/setup64.exe> and,
<http://smorgasbordet.com/pellesc/800/setup.exe>, available
from <http://smorgasbordet.com/pellesc/index.htm>, are vulnerable
to DLL hijacking: they load (tested on Windows 7) at least the
following DLLs from their “application directory” instead Windows’
“system directory”:…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information