English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10972
CIA hacking issue in Notepad++
Обновлено: 17/06/2019
|
Дата обнаружения
|
08/03/2017 |
|
Уровень угрозы
|
Critical |
|
Описание
|
An issue of a hijacked DLL was found in Notepad++. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited remotely via a sciexer.dll, which is replaced by version of sciexer.dll built by CIA. Technical details This vulnerability has been fixed by adding a certificate validation in sciexer.exe before loading it. NB: This vulnerability have no public CVSS rating so rating can be changed by the time. |
|
Пораженные продукты
|
Notepad++ versions earlier than 7.3.3 |
|
Решение
|
Update to the latest version |
|
Первичный источник обнаружения
|
Notepad++ news |
|
Связанные продукты
|
Notepad++ |
| Узнай статистику распространения уязвимостей в твоем регионе |