Search
Find a vulnerability
Search criteria
2 vulnerabilities found for Optical Disc Archive Software by Sony Corporation
JVNDB-2026-000084
Vulnerability from jvndb - Published: 2026-06-16 14:01 - Updated:2026-06-16 14:01
Severity
Summary
Improper file access permission settings in the installers for Optical Disc Archive Software for Windows
Details
Optical Disc Archive Software for Windows provided by Sony Corporation contains the following vulnerability.
- Incorrect default permissions (CWE-276) - CVE-2026-50255
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000084.html",
"dc:date": "2026-06-16T14:01+09:00",
"dcterms:issued": "2026-06-16T14:01+09:00",
"dcterms:modified": "2026-06-16T14:01+09:00",
"description": "Optical Disc Archive Software for Windows provided by Sony Corporation contains the following vulnerability.\u003ca href=\u0027https://cwe.mitre.org/data/definitions/276.html\u0027 target=\u0027_blank\u0027\u003e\u003c/a\u003e\u003cul\u003e\u003cli\u003eIncorrect default permissions (CWE-276) - CVE-2026-50255\u003c/li\u003e\u003c/ul\u003eKazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2026/JVNDB-2026-000084.html",
"sec:cpe": {
"#text": "cpe:/a:sony:optical_disc_archive_software",
"@product": "Optical Disc Archive Software",
"@vendor": "Sony Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2026-000084",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN79926428/index.html",
"@id": "JVN#79926428",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2026-50255",
"@id": "CVE-2026-50255",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Improper file access permission settings in the installers for Optical Disc Archive Software for Windows"
}
JVNDB-2025-000098
Vulnerability from jvndb - Published: 2025-11-04 13:51 - Updated:2025-11-04 13:51
Severity
Summary
Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path
Details
Optical Disc Archive Software (for Windows) provided by Sony Corporation contains the following vulnerability.
* Unquoted search path or element (CWE-428) - CVE-2025-62225
Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000098.html",
"dc:date": "2025-11-04T13:51+09:00",
"dcterms:issued": "2025-11-04T13:51+09:00",
"dcterms:modified": "2025-11-04T13:51+09:00",
"description": "Optical Disc Archive Software (for Windows) provided by Sony Corporation contains the following vulnerability.\r\n\r\n* Unquoted search path or element (CWE-428) - CVE-2025-62225\r\n\r\nKazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2025/JVNDB-2025-000098.html",
"sec:cpe": {
"#text": "cpe:/a:sony:optical_disc_archive_software",
"@product": "Optical Disc Archive Software",
"@vendor": "Sony Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.7",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"@version": "3.0"
},
"sec:identifier": "JVNDB-2025-000098",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN81917433/index.html",
"@id": "JVN#81917433",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2025-62225",
"@id": "CVE-2025-62225",
"@source": "CVE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Optical Disc Archive Software (for Windows) registers a Windows service with an unquoted file path"
}