CVE-2022-44939

Efs Software Easy Chat Server Version 3.1 was discovered to contain a DLL hijacking vulnerability via the component TextShaping.dll. This vulnerability allows attackers to execute arbitrary code via a crafted DLL.
Configurations

Configuration 1 (hide)

cpe:2.3:a:echatserver:easy_chat_server:3.1:*:*:*:*:*:*:*

History

21 Nov 2024, 07:28

Type Values Removed Values Added
Summary
  • (es) Se descubrió que Efs Software Easy Chat Server versión 3.1 contenía una vulnerabilidad de secuestro de DLL a través del componente TextShaping.dll. Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario a través de una DLL manipulada.
References () https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt - Exploit, Third Party Advisory () https://github.com/RashidKhanPathan/WindowsPrivilegeEscalation/blob/main/DLL%20Hijacking/CVE-2022-44939/Research.txt - Exploit, Third Party Advisory

Information

Published : 2023-01-06 22:15

Updated : 2025-04-09 21:15


NVD link : CVE-2022-44939

Mitre link : CVE-2022-44939

CVE.ORG link : CVE-2022-44939


JSON object : View

Products Affected

echatserver

  • easy_chat_server
CWE
CWE-427

Uncontrolled Search Path Element