EUVD-2017-11396

Malware in sbrugna...

SemiDynaEXE Installer Untrusted Search Path Vulnerability

SemiDynaEXE is a coordinate exchange software suite released by the Japan Geographic Institute GSI. An untrustworthy search path vulnerability exists in the installer SemiDynaEXE2008.EXE in SemiDynaEXE version 1.0.2. The vulnerability can be exploited to gain privileges via a malicious DLL file i...

CVE-2017-2213

Untrusted search path vulnerability in SemiDynaEXE SemiDynaEXE2008.EXE ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

Design/Logic Flaw

Untrusted search path vulnerability in SemiDynaEXE SemiDynaEXE2008.EXE ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

CVE-2017-2213

The CVE-2017-2213 entry concerns SemiDynaEXE2008.EXE (version 1.0.2). The vulnerability is an untrusted search path that allows privilege escalation via a Trojan horse DLL located in an unspecified directory. Affected component is the installer/executable SemiDynaEXE2008.EXE; root cause is insecu...

CVE-2017-2213

Untrusted search path vulnerability in SemiDynaEXE SemiDynaEXE2008.EXE ver. 1.0.2 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

The installer of SemiDynaEXE provided by Geospatial Information Authority of Japan (GSI) may insecurely load Dynamic Link Libraries

Overview The installer of SemiDynaEXE SemiDynaEXE2008.EXE provided by Geospatial Information Authority of Japan GSI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this vulnerability to IPA...