← back
CVE-2016-3958

CVE-2016-3958

EPSS 0.4%
Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/golang/go/issues/14959https://go-review.googlesource.com/#/c/21428/https://groups.google.com/forum/#%21topic/golang-announce/9eqIHqaWvckhttp://www.openwall.com/lists/oss-security/2016/04/05/1http://www.openwall.com/lists/oss-security/2016/04/05/2