Help & Manual Professional Edition 5.5.1 (ijl15.dll) DLL Hijacking Exploit

Title: Help & Manual Professional Edition 5.5.1 (ijl15.dll) DLL Hijacking Exploit
Advisory ID: ZSL-2011-5009
Type: Local/Remote
Impact: System Access
Risk: (4/5)
Release Date: 14.04.2011
Summary
Help & Manual 5 is a single-source help authoring and content management system for both single and multi-author editing.
Description
Help & Manual suffers from a DLL hijacking vulnerability that enables the attacker to execute arbitrary code on the affected machine. The vulnerable extensions are hmxz, hmxp, hmskin, hmx, hm3, hpj, hlp and chm thru ijl15.dll Intel's library.
Vendor
EC Software GmbH - http://www.helpandmanual.com
Affected Version
5.5.1 Build 1296
Tested On
Microsoft Windows XP Professional SP3 (EN)
Vendor Status
N/A
PoC
helpmanual_dll.c
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://packetstormsecurity.org/files/100426
[2] http://securityreason.com/exploitalert/10340
[3] http://secunia.com/advisories/44170/
[4] http://www.securityfocus.com/bid/47349
[5] http://osvdb.org/show/osvdb/71829
[6] http://cve.mitre.org/cgi-bin/cvename.cgi?name=2011-5155
Changelog
[14.04.2011] - Initial release
[15.04.2011] - Added reference [2], [3] and [4]
[18.04.2011] - Added reference [5]
[07.09.2012] - Added reference [6]
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk