CPANSA-Image-ExifTool-2018-20211: Image-ExifTool vulnerability
Publisher | giterlizzi | Document category | csaf_security_advisory |
---|---|---|---|
Initial release date | 2019-01-02T00:00:00 | Engine | CSAF Perl Toolkit 0.25 |
Current release date | 2019-01-02T00:00:00 | Build Date | |
Current version | 1 | Status | final |
CVSS v3.1 Base Score | 7.8 | Severity | |
Original language | Language | en | |
Also referred to |
Vulnerability Description
ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\\par-%username%\\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).
Vulnerabilities
CVE-2018-20211
Vulnerability DescriptionExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. NOTE: 8.32 is an obsolete version from 2010 (9.x was released starting in 2012, and 10.x was released starting in 2015).
Weakness | CWE-427 : Uncontrolled Search Path Element |
---|
Product status
Known affected
Product | Score | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Image-ExifTool equal 8.32 |
|
Fixed
- Image-ExifTool greater than 8
giterlizzi
Namespace: https://github.com/giterlizzi/
gdt@cpan.org
References
- CPANSA-Image-ExifTool-2018-20211 JSON self
https://raw.githubusercontent.com/giterlizzi/perl-CPANSA-CSAF/develop/csaf/white/2019/cpansa-image-exiftool-2018-20211.json - http://packetstormsecurity.com/files/150892/Exiftool-8.3.2.0-DLL-Hijacking.html external
http://packetstormsecurity.com/files/150892/Exiftool-8.3.2.0-DLL-Hijacking.html - http://seclists.org/fulldisclosure/2018/Dec/44 external
http://seclists.org/fulldisclosure/2018/Dec/44 - CVE-2018-20211 (NVD) external
https://nvd.nist.gov/vuln/detail/CVE-2018-20211
Revision history
Version | Date of the revision | Summary of the revision |
---|---|---|
1 | Wed Jan 2 00:00:00 2019 | First release |
Sharing rules
TLP:WHITE
For the TLP version see: https://www.first.org/tlp/