Vulnerability in Bandisoft Bandizip
CVE-2014-1680
Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.
EPSS: 0.001 (17.5th percentile) — read the EPSS interpretation.
Affected products
- Bandisoft Bandizip — versions 3.00, 3.01, 3.02
- N/a — versions n/a
References
- bandzip-dll-cve20141680-code-exec(90966) (vdb-entry, x_refsource_XF)
- 102979 (x_refsource_OSVDB, vdb-entry)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (Exploit, x_refsource_MISC)