Microsoft Windows ReadDirectoryChangesW information leak

2007-02-22T00:00:00
ID SECURITYVULNS:VULN:7283
Type securityvulns
Reporter SECURITYVULNS
Modified 2007-02-22T00:00:00

Description

ReadDirectoryChangesW() API function doesn't check user's privileges for subtree folders, making it's possible for unprivileged user to gather information about sensitive files.