CVE-2017-6189

Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
References
Link Resource
http://www.securityfocus.com/bid/96476 Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2017/Feb/71 Mailing List Third Party Advisory
http://packetstormsecurity.com/files/141366/Amazon-Kindle-DLL-Hijacking.html Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:amazon:kindle_for_pc:*:*:*:*:*:*:*:*

Information

Published : 2017-03-15 08:59

Updated : 2017-03-24 07:07


NVD link : CVE-2017-6189

Mitre link : CVE-2017-6189


JSON object : View

CWE
CWE-426

Untrusted Search Path

Advertisement

dedicated server usa

Products Affected

amazon

  • kindle_for_pc