=====================================================
# Microsoft Visual Studio 2010 - DLL Hijacking
=====================================================
# Vendor Homepage: https://www.visualstudio.com/
# Date: 21 Oct 2016
# Version : 10.0.30319.1 RTMRel
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Description:
Sublime Text is a sophisticated text editor for code, markup and prose.


# Vulnerable Dll:
SspiCli.dll


# PoC:
1. Create a malicious dll file with 'SspiCli.dll' and save it
in "C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE" directory.

2. Execute Microsoft Visual Studio.

3. Malicious dll file gets executed.
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================