274 matches found
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries
Overview Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...
JVN#73559859: Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of...
JVN#71104430: Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege...
Installer of Qua station connection tool for Windows may insecurely load Dynamic Link Libraries
Overview Qua station provided KDDI CORPORATION is a 4G LTE photostrage. Qua station connection tool is used to view data saved on Qua station from a PC and/or save data on a PC. Installer of Qua station connection tool for Windows contains an issue with the DLL search path, which may lead to...
Installer of IP Messenger may insecurely load Dynamic Link Libraries
Overview IP Messenger is a LAN Messenger based on TCP/IP. IP Messenger contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
Installer of Tween may insecurely load Dynamic Link Libraries
Overview Tween is a twitter client application. Installer of Tween contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#17523256: Installer of Tween may insecurely load Dynamic Link Libraries
Tween is a twitter client application. Installer of Tween contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the user invoking the installer. Solution Use the latest installer...
Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries
Overview AttacheCase is an open source file encryption software provided by HiBARA Software. It can also create self-extracting encrypted files. Self-extracting encrypted files created by AttacheCase contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...
JVN#61502349: Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries
AttacheCase is an open source file encryption software provided by HiBARA Software. It can also create self-extracting encrypted files. Self-extracting encrypted files created by AttacheCase contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...
JVN#42031953: FileCapsule Deluxe Portable and Encrypted Files in Self-Decryption Format created by FileCapsule Deluxe Portable may insecurely load Dynamic Link Libraries
FileCapsule Deluxe Portable is a file encryption software. FileCapsule Deluxe Portable contains the following vulnerabilities. FileCapsule Deluxe Portable insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2265, CVE-2017-2267, CVE-2017-2269 Version| Vector| Score ---|---|--- CVSS v3|...
Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries
Overview File Compact provided by SOURCENEXT CORPORATION is compression/decompression software. It can also create self-extracting archive files. Self-extracting archive files created by File Compact contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...
Microsoft IME may insecurely load Dynamic Link Libraries
Overview Microsoft IME, bundled with Microsoft Windows, contains an issue in loading DLLs. When some application programs are invoked, they may initiate Microsoft IME. This IME, when initiated, checks a certain registry key for a file path to a DLL file and loads it. This registry key does not...
Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
Overview Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Self-extracting archive files created by Lhaz or Lhaz+ insecurely load Dynamic Link Libraries CWE-427 ...
JVN#21369452: Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries
Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H| Base Score: 7.8 CVSS...
JVN#21627267: Microsoft IME may insecurely load Dynamic Link Libraries
Microsoft IME, bundled with Microsoft Windows, contains an issue in loading DLLs. When some application programs are invoked, they may initiate Microsoft IME. This IME, when initiated, checks a certain registry key for a file path to a DLL file and loads it. This registry key does not exist by...
Installer of Douroshisetu Kihon Data Sakusei System may insecurely load Dynamic Link Libraries
Overview The installer of Douroshisetu Kihon Data Sakusei System provided by National Institute for Land and Infrastructure Management contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...
Installer of PDF Digital Signature Plugin provided by the Ministry of Justice may insecurely load Dynamic Link Libraries
Overview Installer of PDF Digital Signature Plugin provided by the Ministry of Justice contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and Eili Masami of Tachibana Lab. reported this...
Installer of Setup file of advance preparation for e-Tax software (WEB version) may insecurely load Dynamic Link Libraries
Overview Installer of Setup file of advance preparation for e-Tax software WEB version provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. BlackWingCat of Pink Flying Whale reported this vulnerability to IPA...
Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries
Overview Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology MEXT contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this...
Installer of QuickTime for Windows may insecurely load Dynamic Link Libraries
Overview Installer of QuickTime for Windows contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...