Home

Awesome

CVE-2018-8090

DLL Hijacking in Quickheal Total Security/ Internet Security/ Antivirus Pro (Installers)

Affected Products:

Affected Installers:

All of the above installers allow DLL hijacking due to insecure library loading. As all these installers require admin privileges so it is possible load and execute code with admin privileges.

DLL's that can be loaded in 32 bit versions:

DLL's that can be loaded in 64 bit versions:

Timeline:

Additional Links

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8090

https://nvd.nist.gov/vuln/detail/CVE-2018-8090