Saturday, September 4, 2010

KeePass version 2.12: Insecure DLL Hijacking Vulnerability (dwmapi.dll)

Users of KeePass version 2.12 please be advised of an Insecure DLL Hijacking Vulnerability (dwmapi.dll) that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

KeePass-SA-08/31/2010: KeePass version 2.12 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll)

VULNERABILITY DESCRIPTION



The KeePass application passes an insufficiently qualified path in

loading an external library, "dwmapi.dll"

when a user opens its associated file with extensions - "kdbx".
Read more at www.criticalwatch.com
 

No comments:

Post a Comment