Sublime Text Editor version 3 suffers from a dll hijacking vulnerability.
35eb40b9dc35ec2a09f2dfd91ac16b3064f107582670741e3e92f43d9203a033
=====================================================
# Sublime Text Editor 3 - DLL Hijacking
=====================================================
# Vendor Homepage: https://www.sublimetext.com/
# Date: 20 Oct 2016
# Software Link : https://download.sublimetext.com/Sublime Text Build
3126 Setup.exe
# Version : Build 3126
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Description:
Sublime Text is a sophisticated text editor for code, markup and prose.
# Vulnerable Dlls:
SspiCli.dll
DNSAPI.dll
urlmon.dll
iertutil.dll
dbghelp.dll
dbgcore.DLL
bcryptPrimitives.dll
dwrite.dll
CRYPTBASE.dll
# PoC:
1. Create a malicious dll file(with vulnerable dll name) and save it
in "C:\Program Files\Sublime Text 3" directory.
2. Execute "sublime_text.exe" from "C:\Program Files\Sublime Text 3" directory.
3. Malicious dll file gets executed.
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================