Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Expat on Windows 安全漏洞
Vulnerability Description
Expat on Windows是美国软件开发者吉姆-克拉克所研发的一个运行在Windows中使用C语言编写的XML解析器库。 基于Windows平台的Expat 2.2.1版本和2.2.2版本中的libexpat的xmlparse.c文件的‘writeRandomBytes_RtlGenRandom’函数存在安全漏洞。本地攻击者可借助当前工作路径下的恶意ADVAPI32.DLL利用该漏洞获取权限。
CVSS Information
N/A
Vulnerability Type
N/A