Search criteria
3 vulnerabilities found for EbidSettingChecker.exe by Ministry of Education, Culture, Sports, Science and Technology (MEXT)
CVE-2017-2225 (GCVE-0-2017-2225)
Vulnerability from nvd – Published: 2017-07-07 13:00 – Updated: 2024-08-05 13:48
VLAI?
Summary
Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity ?
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ministry of Education, Culture, Sports, Science and Technology (MEXT) | EbidSettingChecker.exe |
Affected:
(version 1.0.0.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:04.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#01775119",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://portal.ebid.mext.go.jp/top/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EbidSettingChecker.exe",
"vendor": "Ministry of Education, Culture, Sports, Science and Technology (MEXT)",
"versions": [
{
"status": "affected",
"version": "(version 1.0.0.0)"
}
]
}
],
"datePublic": "2017-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T12:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#01775119",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://portal.ebid.mext.go.jp/top/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EbidSettingChecker.exe",
"version": {
"version_data": [
{
"version_value": "(version 1.0.0.0)"
}
]
}
}
]
},
"vendor_name": "Ministry of Education, Culture, Sports, Science and Technology (MEXT)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#01775119",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"name": "http://portal.ebid.mext.go.jp/top/",
"refsource": "MISC",
"url": "http://portal.ebid.mext.go.jp/top/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2225",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:04.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2225 (GCVE-0-2017-2225)
Vulnerability from cvelistv5 – Published: 2017-07-07 13:00 – Updated: 2024-08-05 13:48
VLAI?
Summary
Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity ?
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Ministry of Education, Culture, Sports, Science and Technology (MEXT) | EbidSettingChecker.exe |
Affected:
(version 1.0.0.0)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:04.480Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#01775119",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://portal.ebid.mext.go.jp/top/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "EbidSettingChecker.exe",
"vendor": "Ministry of Education, Culture, Sports, Science and Technology (MEXT)",
"versions": [
{
"status": "affected",
"version": "(version 1.0.0.0)"
}
]
}
],
"datePublic": "2017-06-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T12:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#01775119",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://portal.ebid.mext.go.jp/top/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "EbidSettingChecker.exe",
"version": {
"version_data": [
{
"version_value": "(version 1.0.0.0)"
}
]
}
}
]
},
"vendor_name": "Ministry of Education, Culture, Sports, Science and Technology (MEXT)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#01775119",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01775119/index.html"
},
{
"name": "http://portal.ebid.mext.go.jp/top/",
"refsource": "MISC",
"url": "http://portal.ebid.mext.go.jp/top/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2225",
"datePublished": "2017-07-07T13:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:04.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2017-000144
Vulnerability from jvndb - Published: 2017-06-26 14:28 - Updated:2018-02-07 13:40
Severity ?
Summary
Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries
Details
Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology (MEXT) contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Takashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000144.html",
"dc:date": "2018-02-07T13:40+09:00",
"dcterms:issued": "2017-06-26T14:28+09:00",
"dcterms:modified": "2018-02-07T13:40+09:00",
"description": "Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology (MEXT) contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nTakashi Yoshikawa of Mitsui Bussan Secure Directions reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000144.html",
"sec:cpe": {
"#text": "cpe:/a:mext:ebidsettingchecker",
"@product": "EbidSettingChecker.exe",
"@vendor": "Ministry of Education, Culture, Sports, Science and Technology (MEXT)",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000144",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN01775119/index.html",
"@id": "JVN#01775119",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2225",
"@id": "CVE-2017-2225",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-2225",
"@id": "CVE-2017-2225",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Denshi Nyusatsu Check Tool provided by Ministry of Education, Culture, Sports, Science and Technology may insecurely load Dynamic Link Libraries"
}