Lucene search
K

155 matches found

NVD
NVD
added 2017/07/17 1:18 p.m.14 views

CVE-2017-2271

Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.7AI score0.0108EPSS
Exploits0References1
Prion
Prion
added 2017/07/17 1:18 p.m.17 views

Design/Logic Flaw

Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.2.8.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.6AI score0.0108EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/07/17 1:18 p.m.17 views

Design/Logic Flaw

Untrusted search path vulnerability in Self-extracting archive files created by Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.7AI score0.01059EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2017/07/17 1:18 p.m.18 views

Design/Logic Flaw

Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.6AI score0.0108EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/07/17 1:18 p.m.17 views

Design/Logic Flaw

Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.3.2.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

9.3CVSS7.6AI score0.0108EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/07/14 4:0 p.m.48 views

CVE-2017-2249

The CVE-2017-2249 entry concerns an Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ (up to version 3.4.0). An attacker can gain privileges by placing a Trojan horse DLL in an unspecified directory, enabling code execution with the caller’s privileges when the...

9.3CVSS7.7AI score0.01059EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/14 4:0 p.m.51 views

CVE-2017-2252

This CVE affects File Compact self-extracting archives: vulnerable in Ver.5 up to 5.10, Ver.6 up to 6.02, and Ver.7 up to 7.02. Root cause is insecure DLL search path (CWE-427) allowing arbitrary code execution with the user’s privileges. Affected products should be updated to non-affected releas...

9.3CVSS7.7AI score0.0108EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/14 4:0 p.m.18 views

CVE-2017-2249

Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

7.7AI score0.01059EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/14 4:38 a.m.6 views

Self-Extracting Encrypted Files created by AttacheCase may insecurely load Dynamic Link Libraries

Overview AttacheCase is an open source file encryption software provided by HiBARA Software. It can also create self-extracting encrypted files. Self-extracting encrypted files created by AttacheCase contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...

9.3CVSS6.8AI score0.0108EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/10 4:57 a.m.4 views

Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries

Overview File Compact provided by SOURCENEXT CORPORATION is compression/decompression software. It can also create self-extracting archive files. Self-extracting archive files created by File Compact contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link...

9.3CVSS6.8AI score0.0108EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/10 12:0 a.m.88 views

JVN#29939155: Self-Extracting Archives created by File Compact may insecurely load Dynamic Link Libraries

File Compact provided by SOURCENEXT CORPORATION is compression/decompression software. It can also create self-extracting archive files. Self-extracting archive files created by File Compact contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries...

9.3CVSS7.7AI score0.0108EPSS
Exploits0
OSV
OSV
added 2017/07/07 1:29 p.m.4 views

CVE-2017-2231

Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till Jun...

7.8CVSS5.8AI score0.01231EPSS
Exploits0References3
OSV
OSV
added 2017/07/07 1:29 p.m.3 views

CVE-2017-2220

Untrusted search path vulnerability in Installer of CASL II simulator self-extract format allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8CVSS5.8AI score0.00911EPSS
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/07 5:18 a.m.6 views

Installers of Lhaz and Lhaz+, and Self-Extracting Archives created by Lhaz or Lhaz+ may insecurely load Dynamic Link Libraries

Overview Lhaz and Lhaz+ provided by Chitora soft contain the following vulnerabilities. Installers of Lhaz and Lhaz+ insecurely load Dynamic Link Libraries CWE-427 - CVE-2017-2246, CVE-2017-2248 Self-extracting archive files created by Lhaz or Lhaz+ insecurely load Dynamic Link Libraries CWE-427 ...

9.3CVSS7.1AI score0.01059EPSS
Exploits0References12
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/03 5:14 a.m.3 views

Installer and self-extracting archive containing the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system may insecurely load Dynamic Link Libraries

Overview The installer and the self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability...

9.3CVSS6.9AI score0.01231EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2017/07/03 12:0 a.m.86 views

JVN#06337557: Installer and self-extracting archive containing the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system may insecurely load Dynamic Link Libraries

The installer and the self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege of the us...

9.3CVSS7.7AI score0.01231EPSS
Exploits0
Metasploit
Metasploit
added 2017/06/27 5:37 a.m.104 views

Jenkins Credential Collector

This module can be used to extract saved Jenkins credentials, user tokens, SSH keys, and secrets. Interesting files will be stored in loot along with combined csv output. require 'nokogiri' require 'base64' require 'digest' require 'openssl' require 'sshkey' class MetasploitModule 'Jenkins...

6.8AI score
Exploits0
Prion
Prion
added 2017/04/28 4:59 p.m.20 views

Design/Logic Flaw

Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory...

6.9CVSS7.7AI score0.00816EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2017/04/28 4:59 p.m.5 views

CVE-2017-2107

Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8CVSS5.8AI score0.00816EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/04/28 4:0 p.m.24 views

CVE-2017-2107

Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8AI score0.00816EPSS
Exploits0References3
Rows per page
Query Builder