CVE-2017-6189

Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
References
Link Resource
http://packetstormsecurity.com/files/141366/Amazon-Kindle-DLL-Hijacking.html Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2017/Feb/71 Mailing List Third Party Advisory
http://www.securityfocus.com/bid/96476 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:amazon:kindle_for_pc:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-03-15 15:59

Updated : 2024-02-04 19:11


NVD link : CVE-2017-6189

Mitre link : CVE-2017-6189

CVE.ORG link : CVE-2017-6189


JSON object : View

Products Affected

amazon

  • kindle_for_pc
CWE
CWE-426

Untrusted Search Path