26 matches found
EUVD-2017-2532
Malware in sbrugna...
EUVD-2018-1500
Malware in sbrugna...
EUVD-2017-2548
Malware in sbrugna...
Sony: DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)
A DLL side-loading vulnerability was discovered in Sony Music Center for PC Ver. 2.7.2. The application insecurely searched for a missing DLL file in the system PATH environment, allowing an attacker with access to the victim's local machine to achieve arbitrary code execution by placing a...
music-center.co.il Cross Site Scripting vulnerability OBB-2288454
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2018-0690
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files...
Information disclosure
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files...
CVE-2018-0690
CVE-2018-0690 affects Sony Music Center for PC prior to 1.0.02, where the software update process does not validate updates securely. This enables a man-in-the-middle attacker to tamper with an update file and inject executable files during the update, potentially leading to code execution on the...
CVE-2018-0690
An unvalidated software update vulnerability in Music Center for PC version 1.0.02 and earlier could allow a man-in-the-middle attacker to tamper with an update file and inject executable files...
Music Center for PC Incorrectly Validates Software Update Files Vulnerability
Music Center for PC is an application for organizing and transferring music on audio devices made by Sony. Music Center for PC is vulnerable to incorrectly validating software update files, which, under a man-in-the-middle attack, could allow the download and execution of specially crafted...
Music Center for PC improperly verifies software update files
Overview Music Center for PC provided by Sony Video & Sound Products Inc. contains an issue in software update process CWE-669. As a result, under a man-in-the-middle attack, a specially crafted executable file may be downloaded and executed. DigiGnome reported this vulnerability to IPA. JPCERT/C...
CVE-2017-10909
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10909
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
Design/Logic Flaw
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10909
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10909
CVE-2017-10909 is a DLL search path (CWE-427) vulnerability in the Music Center for PC installer. Affected versions are 1.0.01 and earlier. The issue allows arbitrary code execution with the privileges of the user invoking the installer due to insecurely loading DLLs from an unspecified directory...
The installer of Music Center for PC may insecurely load Dynamic Link Libraries
Overview Music Center for PC provided by Sony Video & Sound Products Inc. is a file management tool. The installer of Music Center for PC contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Note that this vulnerability is different from...
JVN#60695371: The installer of Music Center for PC may insecurely load Dynamic Link Libraries
Music Center for PC provided by Sony Video & Sound Products Inc. is a file management tool. The installer of Music Center for PC contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privileg...
Sony Music Center for PC Untrustworthy Search Path Vulnerability
Sony Music Center for PC is a PC-based music player from Sony Japan. An untrusted search path vulnerability exists in Sony Music Center for PC version 1.0.00. The vulnerability can be exploited to gain privileges via a malicious DLL in a directory...
CVE-2017-10892
Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...