The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libexpat_project libexpat 2.2.1 |
||
libexpat_project libexpat 2.2.2 |