Full title: Microsoft Windows XP Professionnel Service Pack 2 & 3 Insecure Library Load 
Category: local exploits
Platform: windows
An insecure library loading vulnerability has been identified in
Microsoft Windows XP Professionnel Service Pack 2.
 
The application uses a fixed path to look for specific files or
libraries. This path includes directories that may not be trusted or
under user control.
 
By placing a custom version of a library in the application path, the
program will load it before the legitimate version. This allows an
attacker to inject custom code that will be run with the privilege of
the program or user executing the program.

# 0day.today @ http://0day.today/