In association with heise online

04 January 2011, 12:29

Unpatched hole in ImgBurn disk burning application

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

ImgBurn Logo According to security specialist Secunia, a highly critical vulnerability in ImgBurn, a lightweight disk burning application, can be used to remotely compromise a user's system. The security issue in the freeware program is reportedly caused by the application loading libraries (dwmapi.dll) in an "insecure manner", which can then lead to the execution of arbitrary code.

The problem has been confirmed to affect version 2.5.4.0 of ImgBurn, the latest release from 12 December; however, previous versions are also likely to be vulnerable. For an attack to be successful, a victim must first open a specially crafted file. As such, users are advised to avoid opening untrusted files.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1163003
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit