CVE-2011-0403

ImgBurn - Untrusted Search Path and DLL Hijacking via Trojan Horse dwmapi.dll

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0403. PoCs published by d3c0der.

AI-analyzed exploit summary This exploit leverages a DLL hijacking vulnerability in ImgBurn 2.4.0.0 by placing a malicious DLL in a network share location. When the application loads the DLL, it executes arbitrary code (e.g., launching calc.exe).

Description

Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a CUE file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by d3c0der · cdoswindows

https://www.exploit-db.com/exploits/35163

View Code ZIP pw:eip

This exploit leverages a DLL hijacking vulnerability in ImgBurn 2.4.0.0 by placing a malicious DLL in a network share location. When the application loads the DLL, it executes arbitrary code (e.g., launching calc.exe).

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: ImgBurn 2.4.0.0

No auth needed

Prerequisites: Victim must open a file from a network share containing the malicious DLL

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Exploit x_refsource_misc

http://packetstormsecurity.org/files/view/97207/imgburn-dllhijack.txt

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42798

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/70273

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/45657

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/64478

Scores

EPSS 0.0707

EPSS Percentile 93.4%

Details

Status published

Products (20)

imgburn/imgburn 1.0.0.0

imgburn/imgburn 1.1.0.0

imgburn/imgburn 1.2.0.0

imgburn/imgburn 1.3.0.0

imgburn/imgburn 2.0.0.0

imgburn/imgburn 2.1.0.0

imgburn/imgburn 2.2.0.0

imgburn/imgburn 2.3.0.0

imgburn/imgburn 2.3.1.0

imgburn/imgburn 2.3.2.0

... and 10 more

Published Jan 11, 2011

Tracked Since Feb 18, 2026