The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries

Overview The electronic authentication system based on the commercial registration system "The CRCA user's Software" provided by the Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. DigiGnome and BlackWingCat of...

Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability ...

Installers of Sony PaSoRi related software may insecurely load Dynamic Link Libraries

Overview PaSoRi provided by Sony Corporation is contactless IC card reader/writer. Installers of PaSoRi driver and other related software for Windows contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab...

Installer of LhaForge may insecurely load Dynamic Link Libraries

Overview LhaForge is a file compression/decompression software. The installer of LhaForge contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with t...

Installers of Mozilla Firefox and Thunderbird for Windows may insecurely load Dynamic Link Libraries

Overview Installers of Mozilla Firefox and Thunderbird for Windows provided by Mozilla Foundation contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated...

Installer of Charamin OMP may insecurely load Dynamic Link Libraries

Overview The installer of Charamin OMP provided by Charamin steering committee contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...

RW-4040 driver installer may insecurely load Dynamic Link Libraries

Overview RW-4040 driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of PinkFlyingWhale reporte...

Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely load Dynamic Link Libraries

Overview Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...

PonyOS 4.0 fluttershy LD_LIBRARY_PATH Privilege Escalation

!/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running setuid files allowing for local root exploitation through manipulated...

PonyOS 4.0 - fluttershy LD_LIBRARY_PATH Local Kernel Exploit

Exploit for linux platform in category local exploits !/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running setuid files allowing for...

Linux Kernel (PonyOS 4.0) - 'fluttershy' LD_LIBRARY_PATH Local Privilege Escalation

!/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running setuid files allowing for local root exploitation through manipulated...

IBM Security AppScan Source Arbitrary Code Execution Vulnerability

IBM Security AppScan Source is a set of security testing tools for Web applications from the U.S. company IBM. IBM Security AppScan Source fails to execute the full path of the dynamic link library, allowing remote attackers can build specially crafted libraries to applications to execute arbitra...

Xunlei Elevation of Privilege Vulnerability

Thunderbolt is a popular P2P download tool. Xunlei has a security vulnerability, as the system service installed by Xunlei provides the function of loading dynamic link libraries, but is not validated, allowing an attacker to exploit the vulnerability by executing code as SYSTEM under any user,...

Xunlei Extreme Edition Elevation of Privilege Vulnerability

Thunderbolt Extreme offers the latest version of Extreme for download. The system service installed in Xunlei Extreme Edition provides the function of loading dynamic link libraries, but it is not validated, resulting in the ability to execute code as SYSTEM under any user, resulting in elevated...

Apple Mac OS X Gatekeeper Bypass

Gatekeeper is Mac OS X’s guardian against rogue applications and malware sneaking into Apple’s famous walled garden. It’s also been a favorite target of researchers and advanced attackers desperate to gain control of Apple devices. Tomorrow at Virus Bulletin in Prague, researcher Patrick Wardle,...

IBM DB2 privilege escalation

Insecure dynamic libraries loading...

AutoCAD may insecurely load dynamic libraries

Overview AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. kaito834 reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVE-2011-5158

Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe components in DATEV Grundpaket Basis CD23.20 allow local users to gain privileges via a Trojan horse 1 DVBSKNLANG101.dll or 2 DvZediTermSrvInfo004.dll file in the current working directory, as demonstrat...

Multiple JustSystems products may insecurely load dynamic libraries

Overview Multiple JustSystems products may use unsafe methods for determining how to load DLL's. Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Naoto Katsumi of LAC Co., Ltd. reported this vulnerability to IPA...

OpenSSH < 3.6.1p2 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is ealier than 3.6.1p2. When compiled for the AIX operating system with a compiler other than that of the native AIX compiler, an error exists that can allow dynamic libraries in the current directory to be loaded before...