Описание
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."
Комментарий
Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Одновременно
Одновременно
Одно из
Одновременно
Одно из
Одновременно
Одно из
EPSS
7.4 High
CVSS3
9.3 Critical
CVSS2
Дефекты
Связанные уязвимости
Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka "Remote Desktop Insecure Library Loading Vulnerability."
EPSS
7.4 High
CVSS3
9.3 Critical
CVSS2