CVE-2018-10027 – ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a mal …

0

Vuln ID: CVE-2018-10027

Published:  2018-05-17  12:29:00Z

Description: ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%ESTsoftALZipFormats, %PROGRAMFILES%ESTsoftALZipCoders, %PROGRAMFILES(X86)%ESTsoftALZipFormats, or %PROGRAMFILES(X86)%ESTsoftALZipCoders.

Source: NVD.NIST.GOV