Дата обнаружения
|
08/03/2017 |
Уровень угрозы
|
Critical |
Описание
|
An issue of a hijacked DLL was found in Notepad++. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a sciexer.dll, which is replaced by version of sciexer.dll built by CIA. Technical details This vulnerability has been fixed by adding a certificate validation in sciexer.exe before loading it. NB: This vulnerability have no public CVSS rating so rating can be changed by the time. |
Пораженные продукты
|
Notepad++ versions earlier than 7.3.3 |
Решение
|
Update to the latest version |
Первичный источник обнаружения
|
Notepad++ news |
Связанные продукты
|
Notepad++ |
Узнай статистику распространения уязвимостей в твоем регионе |