6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0005 Low
EPSS
Percentile
17.8%
The LoadLibrary function in Microsoft Windows fails to validate input properly. As a result, it may load a specially crafted DLL file (CWE-114).
An arbitrary code may be executed as a result of an application loads a specially crafted DLL file.
Update the Software
This issue was addressed in MS15-063, released on June 10. 2015. Apply the update according to the information provided by Microsoft.