EUVD-2017-11409

Malware in sbrugna...

EUVD-2016-5877

Malware in sbrugna...

EUVD-2023-50968

Malicious code in bioql PyPI...

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

CVE-2024-47045

Privilege chaining issue exists in the installer of e-Tax softwarecommon program. If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege...

PT-2024-32370 · E-Tax · E-Tax

Name of the Vulnerable Software and Affected Versions: e-Tax software affected versions not specified Description: A privilege chaining issue exists in the installer of the e-Tax software, allowing a malicious DLL prepared by an attacker to be executed with higher privileges than the application...

JVN#57749899: The installer of e-Tax software(common program) vulnerable to privilege escalation

The installer of e-Tax softwarecommon program provided by National Tax Agency contains a vulnerability which allows uploading a malicious DLL to be executed with higher privileges than that of an general user by altering registry CWE-268. Impact A malicious DLL prepared by an attacker may be...

CVE-2023-46802

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references XXE due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

CVE-2023-46802

CVE-2023-46802 concerns the e-Tax software (versions 3.0.10 and earlier) with an XML External Entity (XXE) vulnerability caused by the embedded XML parser configuration. A specially crafted XML file can lead to exposure/read access to internal system files. Public sources consistently reference t...

CVE-2023-46802

e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references XXE due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...

JVN#14762986: Improper restriction of XML external entity references (XXE) in e-Tax software

e-Tax software provided by National Tax Agency improperly restricts XML external entity references XXE CWE-611 due to the configuration of the embedded XML parser. Impact Processing a specially crafted XML file may lead to exposure of internal files on the system. Solution Update the Software...

Design/Logic Flaw

Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software WEB version 1.17.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2226

Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software WEB version 1.17.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2226

CVE-2017-2226 concerns a DLL search-path vulnerability in the Setup file of the National Tax Agency’s e-Tax software (WEB version). The installer for versions up to 1.17.0/1.17.1 insecurely loads dynamic libraries from an unspecified directory, enabling arbitrary code execution when a user runs t...

CVE-2017-2226

Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software WEB version 1.17.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

JVN#79451345: Installer of Setup file of advance preparation for e-Tax software (WEB version) may insecurely load Dynamic Link Libraries

Installer of Setup file of advance preparation for e-Tax software WEB version provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact Arbitrary code may be executed with the privilege of the user invoking the...

Design/Logic Flaw

Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2016-4901

CVE-2016-4901 describes an untrusted search path vulnerability in the installer for e-Tax Software. The root cause is insecure DLL search path loading, which can allow a Trojan horse DLL placed in a specific directory to be loaded at install time. The impact is arbitrary code execution with the p...

CVE-2016-4901

Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory...

The installer of e-Tax Software may insecurely load Dynamic Link Libraries

Overview The installer of e-Tax Software provided by National Tax Agency contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the...