Security Advisory

CVE-2017-11742

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-07-30 14:00:00

Last updated 2024-08-05 18:19:39

Assigner mitre

State PUBLISHED

Description

The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.

← Browse all CVEs View on cve.org ↗