Amazon : Security Vulnerabilities, CVEs, (File inclusion)

CVE-2017-17069

ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file.
Max CVSS
9.3
EPSS Score
0.12%
Published
2017-12-06
Updated
2017-12-20

CVE-2017-6189

Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
Max CVSS
7.3
EPSS Score
0.04%
Published
2017-03-15
Updated
2017-03-24
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close