CVE-2014-1680 Information

Description

Untrusted search path vulnerability in Bandisoft Bandizip before 3.10 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory.

Reference

http://osvdb.org/102979 http://packetstormsecurity.com/files/125059 http://www.bandisoft.com/bandizip/history https://exchange.xforce.ibmcloud.com/vulnerabilities/90966