Lucene search
JpcertCVELIST:CVE-2018-0624HistorySep 07, 2018 - 2:00 p.m.
CVE-2018-0624
2018-09-0714:00:00
jpcert
www.cve.org
9
EPSS
0.001
Percentile
25.4%
Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of ykkapi.dll loaded by the vulnerable products.
CNA Affected
[
{
"product": "Multiple Yayoi 17 Series products",
"vendor": "Yayoi Co., Ltd.",
"versions": [
{
"status": "affected",
"version": "(Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier)"
}
]
}
]References
Related
prion
prion
Design/Logic Flaw
2018-09-07 14:29:00
cve
cve
CVE-2018-0624
2018-09-07 14:29:00
nvd
nvd
CVE-2018-0624
2018-09-07 14:29:00
talosblog
talosblog
exploitpack
exploitpack
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
canvas
canvas
Immunity Canvas: UNMARSHAL_TO_SYSTEM
2018-09-07 14:29:00
exploitdb
exploitdb
Microsoft COM for Windows - Privilege Escalation
2018-06-18 00:00:00
thn
thn
jvn
jvn
zdt
zdt
Microsoft COM for Windows - Privilege Escalation Exploit
2018-06-19 00:00:00