Computer Security
[EN] no-pyccku

Microsoft Expression Design unsafe DLL loading
SecurityVulns ID:12248
Threat Level:
Description:Unsafe DLL loading on .xpr and .design files processing.
Affected:MICROSOFT : Microsoft Expression Design 2
 MICROSOFT : Microsoft Expression Design 3
 MICROSOFT : Microsoft Expression Design 4
CVE:CVE-2012-0016 (Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .xpr or .DESIGN file, aka "Expression Design Insecure Library Loading Vulnerability.")
Files:Microsoft Security Bulletin MS12-022 - Important Vulnerability in Expression Design Could Allow Remote Code Execution (2651018)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod