Intrusion PreventionEhtrace.dll.Insecure.Library.Loading
Description
This indicates an attack attempt to exploit an Insecure Library Loading vulnerability in various products.
The vulnerability is due to an improper search path in the application leading to insecure loading of ehtrace.dll file. An attacker can exploit this by tricking an unsuspecting user into opening a file from a directory and execute arbitrary code within the context of the application.
Affected Products
Media Player Classic v1.3.2189.0
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Media Center TV Pack for Windows Vista (32-bit editions)
Windows Media Center TV Pack for Windows Vista (64-bit editions)
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://www.microsoft.com/technet/security/Bulletin/ms11-015.mspx
Apply the most recent upgrade or patch from the vendor.
http://technet.microsoft.com/security/bulletin/MS11-076
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 26060 |
| Created | Mar 09, 2011 |
| Updated | Sep 16, 2015 |
| Risk |
|
| CVE ID | CVE-2011-2009 CVE-2011-0032 |
| Exploit Prediction Score | 25.98% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |