Search

Find a vulnerability

Search criteria

    1 vulnerability found for SaAT Personal by NetMove Corporation

    JVNDB-2017-000110

    Vulnerability from jvndb - Published: 2017-06-02 14:00 - Updated:2018-01-17 12:25
    Severity
    Summary
    Installer of SaAT Personal may insecurely load Dynamic Link Libraries
    Details
    The installer of SaAT Personal provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). DigiGnome reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000110.html",
      "dc:date": "2018-01-17T12:25+09:00",
      "dcterms:issued": "2017-06-02T14:00+09:00",
      "dcterms:modified": "2018-01-17T12:25+09:00",
      "description": "The installer of SaAT Personal provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nDigiGnome reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000110.html",
      "sec:cpe": {
        "#text": "cpe:/a:saat:personal",
        "@product": "SaAT Personal",
        "@vendor": "NetMove Corporation",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2017-000110",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN08020381/index.html",
          "@id": "JVN#08020381",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2207",
          "@id": "CVE-2017-2207",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-2207",
          "@id": "CVE-2017-2207",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Installer of SaAT Personal may insecurely load Dynamic Link Libraries"
    }