Amazon : Security Vulnerabilities, CVEs, (File inclusion)
ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file.
Max CVSS
9.3
EPSS Score
0.12%
Published
2017-12-06
Updated
2017-12-20
Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.
Max CVSS
7.3
EPSS Score
0.04%
Published
2017-03-15
Updated
2017-03-24
2 vulnerabilities found