CVE-2019-9116
Last modified
CVE-2019-9116 is a vulnerability of currently unknown severity. DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime_text.exe to open a .txt file within an attacker's %LOCALAPPDATA%\Temp\sublime_text folder. NOTE: the vendor's position is "This does not appear to be a bug with Sublime Text, but rather one with Windows that has been patched.. EPSS estimates a 1.08% chance of exploitation in the next 30 days.
Description
DLL hijacking is possible in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows platforms because a Trojan horse api-ms-win-core-fibers-l1-1-1.dll or api-ms-win-core-localization-l1-2-1.dll file may be loaded if a victim uses sublime_text.exe to open a .txt file within an attacker's %LOCALAPPDATA%\Temp\sublime_text folder. NOTE: the vendor's position is "This does not appear to be a bug with Sublime Text, but rather one with Windows that has been patched.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sublimetext | Sublime Text 3 | 3.1.1 |
References
- https://github.com/SublimeTextIssues/Core/issues/2544Exploit, Third Party Advisory
- https://github.com/SublimeTextIssues/Core/issues/2544Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-9116?
How severe is CVE-2019-9116?
How do I fix CVE-2019-9116?
Are you affected by CVE-2019-9116?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST