Code Injection through DLL Sideloading in 64bit Oracle Java(CVE-2017-3511)

This blog post is about a DLL sideloading vulnerability in the 64bit Windows version of Oracle Java. It allows any local user to inject code in Java processes of other users. At the time of writing it has been verified with the latest stable 64bit Java version 1.8.0101 on both a fully patched...