
Windows DLL load hijacking exploits go wild

Posted: Thu Aug 26, 2010 9:39 pm
by DrStrange
http://www.reuters.com/article/idUS2168761020100825

I did a scan of my OS using HD Moore's auditing tool. SMPlayer and other apps on my system showed as exploitable. Is this something that needs to be fixed, or should I not worry?

Re: Windows DLL load hijacking exploits go wild

Posted: Thu Aug 26, 2010 11:56 pm
by redxii
No need to worry unless somehow a DLL is missing that SMPlayer needs and somehow someone had access to your system to place a malicious replacement in the same directory as a file you're opening. SMPlayer includes all the needed Qt DLLs, so it will load them and not look elsewhere.

One of the places Windows searches for DLLs is the current working directory. If you open "foo.mkv" by double-clicking it in "C:\Movies\", and SMPlayer needs but is missing "bar.dll", then one of the places it'd look is "C:\Movies\". MS should just remove that search path; there's no reason to be searching there because there is no reason that a dependency would be there.

RVM could use this to remove cwd as a search directory: http://msdn.microsoft.com/en-us/library ... 85%29.aspx
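
The search behaviour described in the reply above can be modelled in a few lines. This is an added example, not part of the thread or of SMPlayer: the directory layout, the file names other than "bar.dll", and the function names are constructed for illustration, and `cwd_removed` stands for a process that has taken the current directory out of its search path (on Windows, calling `SetDllDirectory` with an empty string does this).

```python
import os
import tempfile

def search_order(app_dir, system_dirs, cwd, path_dirs,
                 safe_search=True, cwd_removed=False):
    """Directories probed for a bare DLL name, in order.

    Simplified model of the documented desktop search order; KnownDLLs,
    already-loaded modules and manifests are left out.
    """
    order = [app_dir]
    if not cwd_removed and not safe_search:
        order.append(cwd)        # legacy order: cwd right after the app dir
    order.extend(system_dirs)
    if not cwd_removed and safe_search:
        order.append(cwd)        # SafeDllSearchMode: cwd after system dirs
    order.extend(path_dirs)
    return order

def resolve(dll, **kw):
    """First directory in the search order that contains `dll`, else None."""
    for d in search_order(**kw):
        if os.path.isfile(os.path.join(d, dll)):
            return d
    return None

def demo():
    """Constructed layout: the app bundles QtCore4.dll, bar.dll is only in cwd."""
    root = tempfile.mkdtemp()
    dirs = {n: os.path.join(root, n) for n in ("app", "system32", "movies")}
    for d in dirs.values():
        os.makedirs(d)
    files = ((dirs["app"], "QtCore4.dll"),
             (dirs["movies"], "QtCore4.dll"),
             (dirs["movies"], "bar.dll"))
    for d, name in files:
        open(os.path.join(d, name), "w").close()
    kw = dict(app_dir=dirs["app"], system_dirs=[dirs["system32"]],
              cwd=dirs["movies"], path_dirs=[])
    return {
        # Bundled dependency: the application directory wins over cwd.
        "bundled_from_app": resolve("QtCore4.dll", **kw) == dirs["app"],
        # Missing dependency: the search falls through to cwd.
        "missing_from_cwd": resolve("bar.dll", **kw) == dirs["movies"],
        # Same lookup with cwd removed from the search path: not found.
        "missing_cwd_removed": resolve("bar.dll", cwd_removed=True, **kw),
    }

if __name__ == "__main__":
    print(demo())
```
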