CVE-2014-1680

CVE-2014-1680

EPSS 0.5%

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://osvdb.org/102979 http://packetstormsecurity.com/files/125059 https://exchange.xforce.ibmcloud.com/vulnerabilities/90966 http://www.bandisoft.com/bandizip/history