CVE-2016-3958

Source
https://nvd.nist.gov/vuln/detail/CVE-2016-3958
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-3958.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-3958
Aliases
Published
2016-05-23T19:59:03Z
Modified
2025-04-12T13:26:59.274386Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x before 1.6.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function.

References

Affected packages

Git / github.com/golang/go

Affected ranges

Type
GIT
Repo
https://github.com/golang/go
Events

Affected versions

go1.*

go1.5
go1.5.1
go1.5.2
go1.5.3