N/A

Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .xpr or .DESIGN file, aka "Expression Design Insecure Library Loading Vulnerability."

N/A

N/A

Microsoft Expression Design不可信搜索路径漏洞

Microsoft是微软发布的非常流行的操作系统。 Microsoft Expression Design，Expression Design SP1，Expression Design 2, 3及4版本中存在不可信搜索路径漏洞，该漏洞已被包含a .xpr或者.DESIGN的文件目录证实。本地用户可通过当前工作目录中的特洛伊木马动态链接库提升权限，也称‘Expression Design Insecure Library Loading Vulnerability’。

N/A

N/A