CVE-2015-8264
HIGHF-Secure Online Scanner - Untrusted Search Path DLL Hijacking
Title source: llmDescription
Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as F-SecureOnlineScanner.exe.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/537803/100/0/threaded
Vendor Advisory x_refsource_confirm
https://www.f-secure.com/en/web/labs_global/fsc-2015-4
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/79657
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2016/Mar/64
Scores
CVSS v3
7.8
EPSS
0.0243
EPSS Percentile
82.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-426
Status
published
Products (1)
f-secure/f-secure_online_scanner
Published
Aug 02, 2017
Tracked Since
Feb 18, 2026