04 Jan 2011
17 Jan 2011
This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.
A vulnerability has been discovered in ImgBurn, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a CUE file located on a remote WebDAV or SMB share.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 220.127.116.11. Other versions may also be affected.
Update to version 18.104.22.168.