CVE-2016-3958
Privilege escalation on Windows via malicious DLL in syscall
EPSS 0.15%
Description
Untrusted search path vulnerability on Windows related to LoadLibrary allows local users to gain privileges via a malicious DLL in the current working directory.
How to fix CVE-2016-3958
To remediate CVE-2016-3958, upgrade the affected package to a fixed version below.
- Go/stdlib—upgrade to 1.5.4 or later
Is CVE-2016-3958 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.5.4, >= 1.6.0-0, < 1.6.1