writeups.xyz / CVE-2023-38146: Arbitrary Code Execution via Windows Themes

Submitter : c2a

Date: 13 September 2023

Bounty : 5,000

Vulnerabilities :

• RCE
• TOCTOU
• DLL Hijacking

Programs :

• Microsoft (Windows)

Authors :

• Gabe_k

Link :
https://exploits.forsale/themebleed/