Untrusted Search Path Vulnerabilities in Putty Beta 0.67 Allow Arbitrary Code Execution and DLL Hijacking

Untrusted Search Path Vulnerabilities in Putty Beta 0.67 Allow Arbitrary Code Execution and DLL Hijacking

CVE-2016-6167 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.

Learn more about our User Device Pen Test.