Design/Logic Flaw

2019-02-1318:29:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.5%

JSON

Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

CPENameOperatorVersion
lhmeltingle1.65.3.6
lmlzh32.dllle2.67.1.2
unarj32.dllle1.10.1.25
unlha32.dllle2.67.1.2

Name	Operator	Version
lhmelting	le	1.65.3.6
lmlzh32.dll	le	2.67.1.2
unarj32.dll	le	1.10.1.25
unlha32.dll	le	2.67.1.2

References

jvn.jp/en/jp/JVN52168232/index.html

micco.mars.jp/vul/2017/mhsvi20170515_02.htm

micco.mars.jp/vul/2017/mhsvi20170515_04.htm

micco.mars.jp/vul/2017/mhsvi20170515_05.htm

micco.mars.jp/vul/2017/mhsvi20170515_03.htm