Vigil@nce - Windows 2008: code execution via DLL Preload of Color Control Panel
March 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a malicious DLL and invite the victim to
open a document in the same directory, in order to execute code.
Severity: 2/4
Creation date: 15/02/2012
IMPACTED PRODUCTS
– Microsoft Windows 2008
DESCRIPTION OF THE VULNERABILITY
The Color Control Panel program loads ICM and ICC files, which
configure colors on the system. This program loads a DLL library
when it starts.
However, the library is loaded insecurely. An attacker can thus
use the VIGILANCE-VUL-9879 (https://vigilance.fr/tree/1/9879)
vulnerability to execute code.
An attacker can therefore create a malicious DLL and invite the
victim to open a document (.ICM or .ICC) in the same directory, in
order to execute code.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN