###########################

# AppSamvid DLL Hijacking Vulnerability

###########################

Vulnerability Title: AppSamvid Local Code Execution Vulnerability
(ntmarta.dll)
Affected Product: AppSamvid
Product Homepage: https://cdac.in/index.aspx?id=cs_eps_usb_pra
CVE-ID : NA
Severity: Medium
Author: Sachin Wagh (@tiger_tigerboy)

*Description:*

AppSamvid contains a DLL hijacking vulnerability that could allow an
unauthenticated attacker to execute arbitrary code on the targeted system.
This vulnerability exists due to some DLL file is loaded by
aAppSamvid.2.0.1.Win7_64.exea improperly. And it allows an attacker to load
(ntmarta.dll)  DLL file of the attackeras choosing that could execute
arbitrary code without the user's knowledge.

*Affected Product:*

AppSamvid 2.0.1

*Impact:*

Attacker can exploit the vulnerability to load a DLL file of the attacker's
choosing that could execute arbitrary code. This may help attacker to
Successful exploits the system if user creates shell as a DLL.

*Proof-Of-Concept :*

1. Create malicious dll file and save it as 'ntmarta.dll' in your
"Downloads" directory.

2. Download AppSamvid (https://cdac.in/index.aspx?id=cs_eps_usb_pra) and
save it in your "Downloads"
   directory.

3. Execute AppSamvid from your "Downloads" directory.

4. Malicious dll file gets executed.

*Credit:*

*Sachin Wagh (tiger_tigerboy)*

###########################

# Iranian Exploit DataBase = http://IeDb.Ir [2017-03-18]

###########################