DLL Hijacking Vulnerability in ExifTool by Phil Harvey
CVE-2018-20211

7.8HIGH

Key Information:

Vendor

Exiftool Project

Status
Exiftool
Vendor
CVE Published:
2 January 2019

What is CVE-2018-20211?

ExifTool version 8.32, an outdated software from 2010, contains a DLL hijacking vulnerability. Local users can exploit this flaw by creating a specific cache folder in the TEMP directory with the victim's username. By copying a malicious ws32_32.dll file into this folder, attackers can gain unauthorized privileges. It's crucial for users of this obsolete version to be aware of the risks and consider upgrading to a more secure version.

References

http://seclists.org/fulldisclosure/2018/Dec/44
mailing-listx_refsource_FULLDISC
http://packetstormsecurity.com/files/150892/Exiftool-8.3....
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.