Users of KeePass version 2.12 please be advised of an Insecure DLL Hijacking Vulnerability (dwmapi.dll) that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
KeePass-SA-08/31/2010: KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll)
VULNERABILITY DESCRIPTION
The KeePass application passes an insufficiently qualified path in
loading an external library, "dwmapi.dll"
when a user opens its associated file with extensions - "kdbx".
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/cTaO0u

No comments:
Post a Comment