JVN#58909026: HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries

2017-10-11T00:00:00
ID JVN:58909026
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-10-11T00:00:00

Description

## Description

HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).

## Impact

Arbitrary code may be executed with the privileges of the user running HIBUN Confidential File Decryption program.

## Solution

Use the latest HIBUN Confidential File Decryption program
Use the latest HIBUN Confidential File Decryption program according to the information provided by the developer.

## Products Affected

  • HIBUN Confidential File Decryption program prior to version 10.50.0.5