6 matches found
Design/Logic Flaw
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...
CVE-2017-2208
CVE-2017-2208 is an untrusted search path vulnerability in the Installer of the Electronic tendering and bid opening system (available before 12 June 2017). The root cause is an insecure search path that allows a specially crafted executable in an unspecified directory to be executed, enabling ar...
CVE-2017-2208
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory...
JVN#27198823: Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency may insecurely invoke an executable file
Installer of electronic tendering and bid opening system provided by Acquisition, Technology & Logistics Agency contains an issue with the search path for executable files, which may lead to insecurely invoking an executable file. Impact This vulnerability can be exploited when the following...
Design/Logic Flaw
Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-2178
CVE-2017-2178 describes an untrusted search path vulnerability in the Installer of the ATLA (Acquisition, Technology & Logistics Agency) electronic tendering and bid opening system. The root cause is insecure DLL loading (DLL search path issue) that could allow arbitrary code execution via a Troj...