IDA SDK version 6.9 Demo and IDA 5.0 Freeware suffer from a DLL hijacking vulnerability.
48366b45036a800a749b85bca2248bdb06ecde55c5a24ec7a1a74aa165a54239
Software : Interactive DisAssembler (IDA PRO)
Version: <= IDA SDK 6.9 demo
IDA 5.0 Freeware
Software Link: https://www.hex-rays.com/products/ida/support/download.shtml
Tested on: WINDOWS XP SP3 - 32 bit, WINDOWS 7 SP1 - 32 bit, Windows 8.1 32 bit
IDA Pro suffers from DLL HIJACK Vulnerability from .idb file formats
with idadmng.dll file.
Details: *.idb file is a saved file of any disassembled file.
Vulnerable DLL: idadmng.dll
Exploitation Steps:
Step 1: Open any file in IDA Pro 5.0 Freeware or SDK 6.9 and save that
opened disassembled file in a *.idb file.
Step 2: Now send that saved *.idb file along with the malicious dll to
the system or the person you want to get access.
Step 3: Now whenever that person opens that .idb file in IDA Pro you
can get the meterpreter or the shell of the target system.