Internet Explorer Insecure Library Loading Vulnerability (CVE-2011-2019)

Untrusted search path vulnerability in Microsoft Internet Explorer 9 on Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an HTML file, aka "Internet Explorer Insecure Library Loading Vulnerability." nvd: Per: http://technet.microsoft.com/en-us/security/bulletin/ms11-099 'FAQ for Internet Explorer Insecure Library Loading Vulnerability - CVE-2011-2019 What is the scope of the vulnerability? This is a remote code execution vulnerability. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.' Per: http://cwe.mitre.org/data/definitions/426.html