http://www.reuters.com/article/idUS2168761020100825
I did a scan of my OS using HD Moore's auditing tool. SMPlayer and other apps on my system showed as exploitable. Is this something that needs fixed, or should I not worry?
This forum is deprecated. Please visit https://github.com/smplayer-dev/smplayer/discussions
Windows DLL load hijacking exploits go wild
2 posts
• Page 1 of 1
Windows DLL load hijacking exploits go wild
by DrStrange » Thu Aug 26, 2010 9:39 pm
- DrStrange
- Posts: 1
- Joined: Tue Jul 06, 2010 8:43 pm
Re: Windows DLL load hijacking exploits go wild
by redxii » Thu Aug 26, 2010 11:56 pm
No need to worry unless somehow a dll is missing that SMPlayer needs and somehow someone had access to your system to place a malicious replacement in the same directory as a file you're opening. SMPlayer includes all the needed QT dlls so it will load them and not look elsewhere.
One of the places Windows searches for dlls is the current working directory. If you open "foo.mkv" by double-clicking it in "C:\Movies\", and SMPlayer needed but is missing "bar.dll" then one of the places it'd look is "C:\Movies\". MS should just remove that search path, there's no reason to be searching there because there is no reason that a dependency would be there.
RVM could use this to remove cwd as a search directory; http://msdn.microsoft.com/en-us/library ... 85%29.aspx
One of the places Windows searches for dlls is the current working directory. If you open "foo.mkv" by double-clicking it in "C:\Movies\", and SMPlayer needed but is missing "bar.dll" then one of the places it'd look is "C:\Movies\". MS should just remove that search path, there's no reason to be searching there because there is no reason that a dependency would be there.
RVM could use this to remove cwd as a search directory; http://msdn.microsoft.com/en-us/library ... 85%29.aspx
-
redxii - Posts: 520
- Joined: Thu Dec 24, 2009 7:06 pm
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 39 guests