ASA-2019-00580 – NSA Ghidra: Uncontrolled Search Path Element when executing CMD

When executing Ghidra from a given path, the Java process working directory is set to this path. Then, when launching the Python interpreter via the "Ghidra Codebrowser > Window > Python" option, Ghidra will try to execute the cmd.exe program from this working directory.

ASA-2019-00373 – PC-Doctor Toolbox: Uncontrolled Search Path Element

Uncontrolled search path element vulnerability in PC-Doctor Toolbox prior to version 7.3 allows local users to gain privileges and conduct DLL hijacking attacks via a trojan horse DLL located in an unsecured directory which has been added to the PATH environment variable.