CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-17069 – Amazon Audible DLL Hijacking
https://notcve.org/view.php?id=CVE-2017-17069
ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. ActiveSetupN.exe en Amazon Audible para Windows en versiones anteriores a noviembre de 2017 permite que atacantes ejecuten código DLL arbitrario si ActiveSetupN.exe se ejecuta desde un directorio en el que un atacante ya haya creado un archivo troyano dwmapi.dll. Amazon Audible suffers from a dll hijacking vulnerability. • http://www.securityfocus.com/bid/102044 https://packetstormsecurity.com/files/145202/Amazon-Audible-DLL-Hijacking.html https://twitter.com/LionHeartRoxx/status/936338288314540032 • CWE-426: Untrusted Search Path •