Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2017-2149
HistoryApr 28, 2017 - 4:00 p.m.

CVE-2017-2149

2017-04-2816:00:00
jpcert
www.cve.org
3

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON

Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series<W-03>) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series<W-02>) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.

CNA Affected

[
  {
    "product": "Installer for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V1.00.03 and earlier"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Configuration Software",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V3.0.2 and earlier"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WE series<W-03>)",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V3.00.01"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WD/WC series<W-02>)",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V2.00.03 and earlier"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded wireless LAN functionality FlashAirTM Software Update tool (SD-WB/WL series)",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V1.00.04 and earlier"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded TransferJetTM functionality Configuration Software",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V1.02 and earlier"
      }
    ]
  },
  {
    "product": "Installer for SDHC Memory Card with embedded TransferJetTM functionality Software Update tool",
    "vendor": "Toshiba Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "V1.00.06 and earlier"
      }
    ]
  }
]

Related

cve 1
nvd 1
jvn 1
prion 1
cve
cve
CVE-2017-2149
2017-04-28 16:59:01
nvd
nvd
CVE-2017-2149
2017-04-28 16:59:01
jvn
jvn
JVN#05340816: Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries
2017-04-14 00:00:00
prion
prion
Design/Logic Flaw
2017-04-28 16:59:00

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

77.9%

JSON
Related for CVELIST:CVE-2017-2149
cve1nvd1jvn1prion1