10 matches found
EUVD-2021-8092
Malicious code in bioql PyPI...
CVE-2021-20674
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a...
CVE-2021-20674
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a...
CVE-2021-20674
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a...
Design/Logic Flaw
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a...
CVE-2021-20674
The CVE-2021-20674 entry concerns the Installer of the MagicConnect Client program (pre-2021-03-01 distribution) with an insecure DLL loading path (CWE-427). The root cause is insecure dynamic library loading by the installer when a terminal is connected remotely via Remote Desktop, enabling arbi...
CVE-2021-20674
Untrusted search path vulnerability in Installer of MagicConnect Client program distributed before 2021 March 1 allows an attacker to gain privileges and via a Trojan horse DLL in an unspecified directory and to execute arbitrary code with the privilege of the user invoking the installer when a...
Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries
Overview Installer of MagicConnect Client program provided by NTT TechnoCross Corporation contains a vulnerability which may lead to insecurely loading Dynamic Link Libraries CWE-427 when a terminal is connected remotely using Remote desktop. Yuji Tounai of Mitsui Bussan Secure Directions, Inc...
JVN#18056666: Installer of MagicConnect Client program may insecurely load Dynamic Link Libraries
Installer of MagicConnect Client program provided by NTT TechnoCross Corporation contains a vulnerability which may lead to insecurely loading Dynamic Link Libraries CWE-427 when a terminal is connected remotely using Remote desktop. Impact Arbitrary code may be executed with the privilege of the...
NTT TechnoCross MagicConnect 代码问题漏洞
NTT TechnoCross MagicConnect is an application software from NTT TechnoCross Japan. It provides a service to operate an office PC by invoking the screen image of a remote device. MagicConnect suffers from a code issue vulnerability that allows an attacker to gain privileges and execute arbitrary...