This weakness occurs when application uses fixed or controlled search path to find resources but one or more locations of the path are under control of malicious user.
It is frequently introduced when a product uses a directory search path to find executables or code libraries, but the path contains a directory that can be modified by an attacker, such as "/tmp" or the current working directory.
If an attacker gains control over one of the locations that is searched by the system, he can place a malicious library with the corresponding name into this directory and the library will be loaded by the application.
The weakness is introduced during Implementation stage.
Latest vulnerabilities for CWE-427
Description of CWE-427 on Mitre website