Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Sony PS4 Remote Play - DLL Hijack vulnerability

From: Maelstrom Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Sat, 09 Dec 2017 14:36:27 -0500
Application: PS4 Remote Play
Application Version: 2.5.0.9220
Platform: Windows
Vendor: Sony
Notified at: secure () sony com (3 months ago),no reply, and still no fix...

PS4 Remote Play application is vulnerable to DLL Hijacking Vulnerability. If executable is installed in unprotected 
directories (where any user can have access)or in portable form (which is often installed outside of program files or 
%windir%) it is possible to hijack DLL by placing malformed dll in application directory and run malicious actions 
(arbitrary code execute with the privilige level of executing user) when application loads the dll.

Affected Library List
---------------------
VERSION.dll
CRYPTSP.dll
DWrite.dll
iphlpapi.dll
rasapi32.dll
rtutils.dll
winhttp.dll
secur32.dll
WindowsCodecs.dll
RichEd20.DLL
d3d9.dll
igdumd32.dll
WtsApi32.dll
WINSTA.dll
USERENV.dll
WindowsCodecsExt.dll
urlmon.dll
AUDIOSES.DLL

More info & Remediation:
https://blogs.technet.microsoft.com/srd/2010/08/23/more-information-about-the-dll-preloading-remote-attack-vector/

Thank You,
Maelstrom Security

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: