2 matches found
SemiDynaEXE Installer Untrusted Search Path Vulnerability
SemiDynaEXE is a coordinate exchange software suite released by the Japan Geographic Institute GSI. An untrustworthy search path vulnerability exists in the installer SemiDynaEXE2008.EXE in SemiDynaEXE version 1.0.2. The vulnerability can be exploited to gain privileges via a malicious DLL file i...
The installer of SemiDynaEXE provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries
Overview The installer of SemiDynaEXE SemiDynaEXE2008.EXE provided by Geospatial Information Authority of Japan GSI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...