Vulnerability
Quick Heal Internet Security Uncontrolled Search Path Element Vulnerability
Vulnerability Description
We found that the Quick Heal Installer Downloader (QuickHealInternetSecurity.EXE) and Quick Heal Installer (QHISFT32.EXE) applications use a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of an unintended actor.
This vulnerability is called Insecure Library Loading, also known as a DLL Hijacking attack.
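An added example, not part of the original advisory or the vendor's code: a Python audit that walks an ordered library search path as a loader would and reports which directories, up to the one that resolves the library, are user-writable. The directory names, the `Example.DLL` file name and the writability predicate are constructed for illustration.

```python
import os
import tempfile

def default_writable(path):
    """True if the current user can create files in this directory."""
    return os.path.isdir(path) and os.access(path, os.W_OK)

def find_library(directory, name):
    """Case-insensitive file lookup, as on Windows file systems."""
    try:
        for entry in os.listdir(directory):
            if entry.lower() == name.lower():
                return os.path.join(directory, entry)
    except OSError:
        pass  # missing or unreadable directory: the loader moves on
    return None

def audit_search_path(search_path, library, writable=default_writable):
    """Walk an ordered search path as a loader would.

    Returns (resolved, risky): the file that would be loaded, and every
    directory consulted up to and including the resolving one that the
    `writable` predicate reports as user-writable.
    """
    risky = []
    for directory in search_path:
        if writable(directory):
            risky.append(directory)
        hit = find_library(directory, library)
        if hit:
            return hit, risky
    return None, risky

def demo():
    """Constructed layout: an installer directory ahead of a system directory."""
    root = tempfile.mkdtemp()
    installer_dir = os.path.join(root, "Downloads")  # hypothetical name
    system_dir = os.path.join(root, "System32")      # hypothetical name
    os.makedirs(installer_dir)
    os.makedirs(system_dir)
    open(os.path.join(system_dir, "Example.DLL"), "w").close()  # placeholder
    user_writable = lambda d: d == installer_dir     # stands in for an ACL check
    weak = audit_search_path([installer_dir, system_dir], "example.dll", user_writable)
    fixed = audit_search_path([system_dir], "example.dll", user_writable)
    return installer_dir, system_dir, weak, fixed

if __name__ == "__main__":
    print(demo())
```

A non-empty `risky` list means a location consulted before or at the resolving directory is outside the installer's control; restricting the search to protected directories empties it.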
Vendor
Products
- Quick Heal Internet Security 10.1.0.316 and prior
- Quick Heal Total Security 10.1.0.316 and prior
- Quick Heal AntiVirus Pro 10.1.0.316 and prior
Disclosure Timeline
- 9 June 2016 – Reported to vendor
- 11 June 2016 – Received acknowledgement from vendor
- 1 August 2016 – Patch released
Credits
Ashfaq Ansari – Project Srishti – Payatu Technologies