vulnerability bulletin CVE-2010-5195 CVE-2010-5236
Roxio MyDVD: code execution via DLL Preload
Synthesis of the vulnerability
An attacker can use a malicious HomeUtils9.dll DLL in order to execute code in Roxio MyDVD.Impacted products:
BID-42743, CVE-2010-5195, CVE-2010-5236, VIGILANCE-VUL-9903.
Description of the vulnerability
The Roxio MyDVD program loads the HomeUtils9.dll library when it starts.
However, the library is loaded insecurely. An attacker can thus use the VIGILANCE-VUL-9879 vulnerability to execute code.
An attacker can therefore use a malicious HomeUtils9.dll DLL, in order to execute code in the context of Roxio MyDVD.Complete Vigil@nce bulletin....
Share this bulletin
Computer vulnerabilities tracking service
Vigil@nce provides systems vulnerabilities patches
. The technology watch team tracks security threats targeting the computer system. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce vulnerability database contains several thousand vulnerabilities.