← voltar
CVE-2022-32168

notepad-plus-plus - DLL Hijacking

CVSS 7.8 HIGHEPSS 0.7%CWE-427
Notepad++ versions 8.4.1 and before are vulnerable to DLL hijacking where an attacker can replace the vulnerable dll (UxTheme.dll) with his own dll and run arbitrary code in the context of Notepad++.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Produtos afetados
notepad-plus-plus · notepad-plus-plus

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/notepad-plus-plus/notepad-plus-plus/commit/85d7215d9b3e0d5a8433fc31aec4f2966821051ehttps://www.mend.io/vulnerability-database/CVE-2022-32168