CVE-2007-6753

Description

Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain privileges via a Trojan horse DLL under the current working directory, as demonstrated by iTunes and Safari.

Related CPE's

omicrosoftwindows_2000********

omicrosoftwindows_server_2008-*******

omicrosoftwindows_vista********

omicrosoftwindows_7********

omicrosoftwindows_xp********

References

http://blog.acrossecurity.com/2010/10/breaking-setdlldirectory-protection.html

329308

41984

Vendor Advisory

44484

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:L/AC:H/Au:N/C:C/I:C/A:C

AccessVector

LOCAL

AccessComplexity

HIGH

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

6.199999809265137

Created by Yello
About Severity.io