First published: Wed Mar 28 2012(Updated: )
Untrusted search path vulnerability in Shell32.dll in Microsoft Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7, when using an environment configured with a string such as %APPDATA% or %PROGRAMFILES% in a certain way, allows local users to gain privileges via a Trojan horse DLL under the current working directory, as demonstrated by iTunes and Safari.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 2000 | ||
Microsoft Windows 7 | ||
Microsoft Windows Server | ||
Microsoft Windows Vista | ||
Microsoft Windows XP |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2007-6753 is a high severity vulnerability that allows local users to gain elevated privileges.
To mitigate CVE-2007-6753, ensure that your system is updated with the latest security patches from Microsoft.
CVE-2007-6753 affects Windows 2000, Windows XP, Windows Vista, Windows Server 2008, and Windows 7.
CVE-2007-6753 is classified as an untrusted search path vulnerability.
CVE-2007-6753 requires local access to the machine for exploitation.