CVE-2011-0403 Information

Description

Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0 2.5.4.0 and other versions allows local users and possibly remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file.

Reference

http://osvdb.org/70273 http://packetstormsecurity.org/files/view/97207/imgburn-dllhijack.txt http://secunia.com/advisories/42798 http://www.securityfocus.com/bid/45657 https://exchange.xforce.ibmcloud.com/vulnerabilities/64478