JVN#09293613: Installer of Charamin OMP may insecurely load Dynamic Link Libraries

The installer of Charamin OMP provided by Charamin steering committee contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest...

JVN#94771799: Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries

Installer of QuickTime for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Do not use Installer of QuickTime for Windows T...

Installer of "Setup file of advance preparation" may insecurely load Dinamic Link Libraries

Overview "Setup file of advance preparation" provided by National Tax Agency is software to setup the environment which is required to use "filing assistance on the NTA website". "Setup file of advance preparation"contains an issue with the DLL search path, which may lead to insecurely loading...

JVN#24087303: Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries

Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Use the latest...

Installer of SaAT Personal may insecurely load Dynamic Link Libraries

Overview The installer of SaAT Personal provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. DigiGnome reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Securit...

Installer of Tera Term may insecurely load Dynamic Link Libraries

Overview The installer of Tera Term provided by TeraTerm Project contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informati...

JVN#92422409: The installer of the Ministry of Justice [The electronic authentication system based on the commercial registration system "The CRCA user's Software"] may insecurely load Dynamic Link Libraries

The electronic authentication system based on the commercial registration system "The CRCA user's Software" provided by the Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the...

Multiple JustSystems products including Hanako may insecurely load Dynamic Link Libraries

Overview Hanako and multiple software suites containing Hanako provided by JustSystems Corporation contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eiji James Yoshida of Security Professionals Network Inc. reported this vulnerability to IPA...

Baidu Browser suffers from dll hijacking vulnerability

Baidu Browser is a browser. Baidu Browser suffers from a dll hijacking vulnerability, which is caused by the baidubrowser.exe component in Baidu Browser loading library files insecurely, which can be exploited by constructing a malicious application and placing it in a specific path to maliciousl...

CVE-2017-3013

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an insecure library loading DLL hijacking vulnerability in a DLL related to remote logging...

Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries

Overview PhishWall Client Internet Explorer version, provided by SecureBrain Corporation, is an anti-phishing and anti-MITB software. The installer of PhishWall Client Internet Explorer version contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

JVN#93699304: Installer of PhishWall Client Internet Explorer version may insecurely load Dynamic Link Libraries

PhishWall Client Internet Explorer version, provided by SecureBrain Corporation, is an anti-phishing and anti-MITB software. The installer of PhishWall Client Internet Explorer version contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427...

JVN#88713190: PrimeDrive Desktop Application Installer may insecurely load Dynamic Link Libraries

PrimeDrive Desktop Application is the client application for PrimeDrive online storage service provided by SoftBank Corp. The installer of PrimeDrive Desktop Application is vulnerable to load specific Dynamic Link Libraries in the same directory CWE-427 . Impact Arbitrary code may be executed wit...

Self-Extracting Archives created by 7-ZIP32.DLL may insecurely load Dynamic Link Libraries

Overview 7-ZIP32.DLL is an open source library for compressing and decompressing 7z and zip format files. It can also create self-extracting archive files. Self-extracting archive files created by 7-ZIP32.DLL contain an issue with the DLL search path, which may lead to insecurely loading Dynamic...

The installer of e-Tax Software may insecurely load Dynamic Link Libraries

Overview The installer of e-Tax Software provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the...

VMware Workstation 12.x < 12.5.0 Multiple Vulnerabilities (VMSA-2016-0014)

The version of VMware Workstation installed on the remote host is 12.x prior to 12.5.0. It is, therefore, affected by multiple vulnerabilities : - A heap buffer overflow condition exists in Cortado ThinPrint due to improper validation of user-supplied input. An attacker on the guest can exploit...

AutoCAD may insecurely load dynamic libraries

Overview AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. kaito834 reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

JVN#43254599: AutoCAD may insecurely load dynamic libraries

AutoCAD provided by Autodesk, Inc. is an application for comuputer-aided design CAD. AutoCAD contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact Arbitrary code may be executed with the privileges of the running application. Solution Upgrade t...

Adobe Acrobat Multiple Vulnerabilities (Apr 2012) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

mora Downloader may insecurely load executable files

Overview mora Downloader may use unsafe methods for determining how to load executables .exe mora Downloader contains an issue in the file search path when loading files, which may insecurely load executables or other files. Kazuhiko Kusano of Graduate School of Information Sciences, Tohoku...