Search

Find a vulnerability

Search criteria

    1 vulnerability found for CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT by CELSYS,Inc.

    JVNDB-2018-000041

    Vulnerability from jvndb - Published: 2018-04-27 15:19 - Updated:2018-08-30 14:12
    Severity
    Summary
    The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries
    Details
    The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
      "dc:date": "2018-08-30T14:12+09:00",
      "dcterms:issued": "2018-04-27T15:19+09:00",
      "dcterms:modified": "2018-08-30T14:12+09:00",
      "description": "The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_action",
          "@product": "CLIP STUDIO ACTION (for Windows)",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_modeler",
          "@product": "CLIP STUDIO MODELER (for Windows) ",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_paint",
          "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_paint",
          "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000041",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN68345747/index.html",
          "@id": "JVN#68345747",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0580",
          "@id": "CVE-2018-0580",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0580",
          "@id": "CVE-2018-0580",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries"
    }