Users of Maxthon Browser version 2.5.15.1000 please be advised of an Insecure DLL Hijacking Vulnerability (dwmapi.dll) that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
Maxthon Browser-SA-08/28/2010: Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll)
VULNERABILITY DESCRIPTION
The Maxthon Browser application passes an insufficiently qualified
path in loading an external library, "dwmapi.dll"
when a user opens its associated file with extensions - htm, html, mhtml.
Read more at www.criticalwatch.com
See this Amp at http://bit.ly/arSIES
No comments:
Post a Comment