Untrusted Search Path Vulnerability in Amazon Kindle for PC Allows Arbitrary Code Execution and DLL Hijacking

Untrusted Search Path Vulnerability in Amazon Kindle for PC Allows Arbitrary Code Execution and DLL Hijacking

CVE-2017-6189 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Untrusted search path vulnerability in Amazon Kindle for PC before 1.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL in the current working directory of the Kindle Setup installer.

Learn more about our User Device Pen Test.