Microsoft Visual Studio 2010 suffers from a dll hijacking vulnerability.
d212488925b4776c7e3e66335b8a529a94b4ec6600a4429a712b72399ec4f2eb
=====================================================
# Microsoft Visual Studio 2010 - DLL Hijacking
=====================================================
# Vendor Homepage: https://www.visualstudio.com/
# Date: 21 Oct 2016
# Version : 10.0.30319.1 RTMRel
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Description:
Sublime Text is a sophisticated text editor for code, markup and prose.
# Vulnerable Dll:
SspiCli.dll
# PoC:
1. Create a malicious dll file with 'SspiCli.dll' and save it
in "C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE" directory.
2. Execute Microsoft Visual Studio.
3. Malicious dll file gets executed.
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================