Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka “Library Loading Input Validation Remote Code Execution Vulnerability.”
[
{
"product": "Windows DLL",
"vendor": "Microsoft Corporation",
"versions": [
{
"status": "affected",
"version": "Windows Vista SP2 and Server 2008 SP2"
}
]
}
]