DLL Hijacking Vulnerability in Expat Library for Windows
CVE-2017-11742

7.8HIGH

Key Information:

Vendor: Libexpat Project
Status: Libexpat
Vendor: CVE Published:; 30 July 2017

Summary

The libexpat library versions 2.2.1 and 2.2.2 on Windows contain a vulnerability in the writeRandomBytes_RtlGenRandom function located in xmlparse.c. This enables local users to exploit the untrusted search path through the use of a Trojan horse ADVAPI32.DLL placed in the current working directory. As a result, attackers can gain unauthorized privileges, posing a significant security threat.

References

https://github.com/libexpat/libexpat/issues/82

x_refsource_CONFIRM

http://www.securityfocus.com/bid/100147

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 30, 2017
Vulnerability Reserved
Jul 30, 2017