Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain privileges via a Trojan horse DLL under the current working directory, as demonstrated by iTunes and Safari.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows ‘Shell32.dll’ 不可信搜索路径漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows 2000、Windows XP、 Windows Vista、 Windows Server 2008和Windows 7系统中的Shell32.dll中存在不可信搜索路径漏洞,该漏洞源于使用了以特定方式用字符串%APPDATA% 或 %PROGRAMFILES%配置的环境变量。本地用户可利用该漏洞借助当前工作目录中的特洛伊木马DLL获取权限。该漏洞已通过iTunes和Safa
CVSS Information
N/A
Vulnerability Type
N/A