These are all the list of applications (along with dll name) that are vulnerable to Dll Hijacking attack in windows.
For more Information about Dll Hijacking take a look at my previous posting on Dll preloading.
* ArchiCad 13.00 (srcsrv.dll)
* Nokia Suite contentcopier (wintab32.dll)
* Nokia Suite communicationcentre (wintab32.dll)
* Sony Sound Forge Pro 10.0 (MtxParhVegasPreview.dll)
* Camtasia Studio 7 (mfc90enu.dll, mfc90loc.dll)
* Media Player Classic v1.3.2189.0 (ehtrace.dll)
* Microsoft Help and Support Center (wshfra.dll)
* Microsoft Clip Book Viewer (mfaphook.dll)
* Real Player 1.1.5 Build 12.0.0.879 (wnaspi32.dll)
* SiSoftware Sandra (dwmapi.dll)
* SMPlayer v0.6.9 (wintab32.dll)
* Winmerge v2.12.4 (MFC71ESN.DLL)
* Steam Games (steamgamesupport.dll)
* UltraISO Premium 9.36 .isz (daemon.dll)
* wscript.exe (XP) (wshfra.dll)
* Autodesk AutoCAD 2007 (color.dll)
* Daemon tools lite .mds (mfc80loc.dll)
* Google Earth v5.1.3535.3218 .kmz (quserex.dll)
* Nullsoft Winamp 5.581 .cda (wnaspi32.dll)
* Media Player Classic 6.4.9.1 .mka (iacenc.dll)
* Corel PHOTO-PAINT X3 v13.0.0.576 .cpt (crlrib.dll)
* CorelDRAW X3 v13.0.0.576 .cmx .csl (crlrib.dll)
* Adobe ExtendedScript Toolkit CS5 v3.5.0.52 (dwmapi.dll)
* Adobe Extension Manager CS5 v5.0.298 (dwmapi.dll)
* Mozilla Thunderbird ( dwmapi.dll )
* Microsoft Office PowerPoint 2007 (rpawinet.dll)
* Roxio MyDVD 9 (HomeUtils9.dll)
* Windows Internet Communication Settings (schannel.dll)
* Microsoft Windows Contacts (wab32res.dll)
* Adobe InDesign CS4 (ibfs32.dll)
* Cisco Packet Tracer 5.2 (wintab32.dll)
* Nvidia Driver (nview.dll)
* Adobe Illustrator CS4 (aires.dll)
* Adobe On Location CS4 (ibfs32.dll)
* Adobe Premier Pro CS4 (ibfs32.dll)
* Roxio Creator DE (HomeUtils9.dll)
* Skype <= 4.2.0.169 (wab32.dll)
* Mediaplayer Classic 1.3.2189.0 (iacenc.dll)
* TechSmith Snagit 10 (Build 788) (dwmapi.dll)
* Ettercap NG-0.7.3 (wpcap.dll)
* Microsoft Group Convertor .grp (imm.dll)
* Safari v5.0.1 (dwmapi.dll)
* Adobe Device Central CS5 (qtcf.dll)
* Microsoft Internet Connection Signup Wizard (smmscrpt.dll)
* InterVideo WinDVD 5 (cpqdvd.dll)
* Roxio Photosuite 9 (homeutils9.dll)
* Microsoft Vista BitLocker Drive Encryption (fveapi.dll)
* VLC Media Player (wintab32.dll)
* uTorrent DLL Hijacking Vulnerabilities
* TeamMate Audit Management Software Suite (mfc71enu.dll)
* Microsoft Office Groove 2007 (mso.dll)
* Microsoft Address Book 6.00.2900.5512 (wab32res.dll)
* Microsoft Visio 2003 (mfc71enu.dll)
* avast! <= 5.0.594 license files (mfc90loc.dll)
* Adobe Photoshop CS2 (Wintab32.dll)
* Adobe Dreamweaver CS5 <= 11.0 build 4909 (mfc90loc.dll)
* BS.Player <= 2.56 build 1043 (mfc71loc.dll)
* Adobe Dreamweaver CS4 (ibfs32.dll)
* TeamViewer <= 5.0.8703 (dwmapi.dll)
* Microsoft Windows 7 wab.exe (wab32res.dll)
* Opera v10.61 (dwmapi.dll)
* Microsoft Windows Movie Maker <= 2.6.4038.0 (hhctrl.ocx)
* Firefox <= 3.6.8 (dwmapi.dll)
* Windows Live Email (dwmapi.dll)
* Foxit Reader <= 4.0 pdf Jailbreak Exploit
* uTorrent <= 2.0.3 (plugin_dll.dll)
* Microsoft Power Point 2010 (pptimpconv.dll)
* Wireshark <= 1.2.10 (airpcap.dll)
* Notepad++ (SciLexer.dll)
* Microsoft Power Point 2007 (pp4x322.dll)
* Microsoft Visio 2010 v14.0.4514.1004 (dwmapi.dll)
* Microsoft Word 2007 (msapsspc.dll,schannel.dll, digest.dll, msnsspc.dll)
* Microsoft Powerpoint 2007 (pp7x32.dll, pp4x322.dll, msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll)
* Tftpd32 version 3.35 (IPHLPAPI.DLL)
* Microsoft ATL Trace Tool Build 10.0.30319.1 atltracetool8.exe dwmapi extention .trc
* Windows Live! Messenger (Build => 14.0.8117.416) msgsres.dll Hijacking
* Active Perl v5.12.1 (wshenu.dll)
* CATIA V5 R17 (hzs_lm.dll)
* Autodesk AutoCAD 2007 (color.dll)
* Cool Edit Pro 2.0 (coolburn.dll)
* GOM Player 2.1.25.5015 (schannel.dll)
* MAGIX Music Studio 12 deluxe (playripla6.dll)
* Opera 10.61 (dwmapi.dll)
* TeamViewer 5 (dwmapi.dll)
* Windows Address Book (wab32res.dll)
* Java Version 6 Update 21 (schannel.dll)
* Windows Progman Group Converter (imm.dll)
* NetStumbler 0.4.0 (mfc71enu.dll)
* Windows Mail 6.0.6000.16386 (wab32res.dll)
* TeamViewer (TV.dll)
* Wireshark <= 1.2.10 (libintl-8.dll)
* Microsoft Windows Media Encoder 9 .prx (msxml.dll)
* Notepad++ V5.4.5 Dll Hijack (SpellChecker.dll)
* Windows 7 and Vista Backup Utility .wbcat (fveapi.dll)
* Virtual DJ 6.1.2 .mp3 hdjapi.dll
* Atheros Client Utility dll Hijacking exploit (oemres.dll)
* Internet download manager dll Hijacking exploit (idmmkb.dll)
* Forensic Toolkit .ftk (MFC90DEU.DLL)
* EnCase .endump (rsaenh.dll)
* IBM Rational License Key Administrator .upd (IBFS32.DLL)
* PGP Desktop 9.8 .pgp (credssp.dll)
* Forensic CaseNotes .notes (credssp.dll)
* Microsoft RDP .rdp (ieframe.dll)
* pdf x viewer .pdf (wintab32.dll)
* Ultr@ VNC Viewer .vnc (vnclang.dll)
* Babylon v8.0.0.18 .txt (besextension.dll)
* QtWeb v3.3 .htm, .xml (wintab32.dll)
* IZArc 4.1.2.2012 .rar .zip .jar (ztv7z.dll)
* Jetaudio v7.1.8.4006 plus VX .mp3 mogg .mov and others (wnaspi32.dll)
* TechSmith Snagit v7.2.5 .snagprof (mfc71enu.dll)
* QXDM v03.09.19 (Qualcomm eXtensible Diagnostic Monitor) .isf (mfc71enu.dll)
This listing was published to make security analysts aware of exploitable applications in order to protect their resources from any possible attacks.
1 comment:
Nice Effort dude, way to go!!!
Cheers,
Arun Sabapathy
Post a Comment