Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for The installer of WPS Office by KINGSOFT JAPAN, INC.

    CVE-2022-26081 (GCVE-0-2022-26081)

    Vulnerability from nvd – Published: 2022-03-17 17:15 – Updated: 2024-08-03 04:56
    VLAI
    Summary
    The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
    Severity
    No CVSS data available.
    CWE
    • CWE-427 - insecurely loading Dynamic Link Libraries
    Assigner
    References
    URL Tags
    https://support.kingsoft.jp/support-info/weakness.html x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN21234459/ third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    KINGSOFT JAPAN, INC. The installer of WPS Office Affected: Reported for Version 10.8.0.5745
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:56:37.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kingsoft.jp/support-info/weakness.html"
              },
              {
                "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN21234459/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "The installer of WPS Office",
              "vendor": "KINGSOFT JAPAN, INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Reported for Version 10.8.0.5745"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: insecurely loading Dynamic Link Libraries",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-17T17:15:54.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kingsoft.jp/support-info/weakness.html"
            },
            {
              "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN21234459/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-26081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "The installer of WPS Office",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Reported for Version 10.8.0.5745"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "KINGSOFT JAPAN, INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: insecurely loading Dynamic Link Libraries"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kingsoft.jp/support-info/weakness.html",
                  "refsource": "CONFIRM",
                  "url": "https://support.kingsoft.jp/support-info/weakness.html"
                },
                {
                  "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN21234459/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-26081",
        "datePublished": "2022-03-17T17:15:54.000Z",
        "dateReserved": "2022-03-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:56:37.604Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25969 (GCVE-0-2022-25969)

    Vulnerability from nvd – Published: 2022-03-17 17:15 – Updated: 2024-08-03 04:56
    VLAI
    Summary
    The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
    Severity
    No CVSS data available.
    CWE
    • CWE-427 - insecurely loading Dynamic Link Libraries
    Assigner
    References
    URL Tags
    https://support.kingsoft.jp/support-info/weakness.html x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN21234459/ third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    KINGSOFT JAPAN, INC. The installer of WPS Office Affected: Reported for Version 10.8.0.6186
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:56:36.775Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kingsoft.jp/support-info/weakness.html"
              },
              {
                "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN21234459/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "The installer of WPS Office",
              "vendor": "KINGSOFT JAPAN, INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Reported for Version 10.8.0.6186"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: insecurely loading Dynamic Link Libraries",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-17T17:15:38.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kingsoft.jp/support-info/weakness.html"
            },
            {
              "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN21234459/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-25969",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "The installer of WPS Office",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Reported for Version 10.8.0.6186"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "KINGSOFT JAPAN, INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: insecurely loading Dynamic Link Libraries"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kingsoft.jp/support-info/weakness.html",
                  "refsource": "CONFIRM",
                  "url": "https://support.kingsoft.jp/support-info/weakness.html"
                },
                {
                  "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN21234459/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-25969",
        "datePublished": "2022-03-17T17:15:38.000Z",
        "dateReserved": "2022-03-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:56:36.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-26081 (GCVE-0-2022-26081)

    Vulnerability from cvelistv5 – Published: 2022-03-17 17:15 – Updated: 2024-08-03 04:56
    VLAI
    Summary
    The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
    Severity
    No CVSS data available.
    CWE
    • CWE-427 - insecurely loading Dynamic Link Libraries
    Assigner
    References
    URL Tags
    https://support.kingsoft.jp/support-info/weakness.html x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN21234459/ third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    KINGSOFT JAPAN, INC. The installer of WPS Office Affected: Reported for Version 10.8.0.5745
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:56:37.604Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kingsoft.jp/support-info/weakness.html"
              },
              {
                "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN21234459/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "The installer of WPS Office",
              "vendor": "KINGSOFT JAPAN, INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Reported for Version 10.8.0.5745"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: insecurely loading Dynamic Link Libraries",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-17T17:15:54.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kingsoft.jp/support-info/weakness.html"
            },
            {
              "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN21234459/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-26081",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "The installer of WPS Office",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Reported for Version 10.8.0.5745"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "KINGSOFT JAPAN, INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installer of WPS Office Version 10.8.0.5745 insecurely load shcore.dll, allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: insecurely loading Dynamic Link Libraries"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kingsoft.jp/support-info/weakness.html",
                  "refsource": "CONFIRM",
                  "url": "https://support.kingsoft.jp/support-info/weakness.html"
                },
                {
                  "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN21234459/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-26081",
        "datePublished": "2022-03-17T17:15:54.000Z",
        "dateReserved": "2022-03-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:56:37.604Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-25969 (GCVE-0-2022-25969)

    Vulnerability from cvelistv5 – Published: 2022-03-17 17:15 – Updated: 2024-08-03 04:56
    VLAI
    Summary
    The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer.
    Severity
    No CVSS data available.
    CWE
    • CWE-427 - insecurely loading Dynamic Link Libraries
    Assigner
    References
    URL Tags
    https://support.kingsoft.jp/support-info/weakness.html x_refsource_CONFIRM
    https://jvn.jp/en/jp/JVN21234459/ third-party-advisoryx_refsource_JVN
    Impacted products
    Vendor Product Version
    KINGSOFT JAPAN, INC. The installer of WPS Office Affected: Reported for Version 10.8.0.6186
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:56:36.775Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.kingsoft.jp/support-info/weakness.html"
              },
              {
                "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN21234459/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "The installer of WPS Office",
              "vendor": "KINGSOFT JAPAN, INC.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Reported for Version 10.8.0.6186"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-427",
                  "description": "CWE-427: insecurely loading Dynamic Link Libraries",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-03-17T17:15:38.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.kingsoft.jp/support-info/weakness.html"
            },
            {
              "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN21234459/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2022-25969",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "The installer of WPS Office",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "Reported for Version 10.8.0.6186"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "KINGSOFT JAPAN, INC."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The installer of WPS Office Version 10.8.0.6186 insecurely load VERSION.DLL (or some other DLLs), allowing an attacker to execute arbitrary code with the privilege of the user invoking the installer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-427: insecurely loading Dynamic Link Libraries"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://support.kingsoft.jp/support-info/weakness.html",
                  "refsource": "CONFIRM",
                  "url": "https://support.kingsoft.jp/support-info/weakness.html"
                },
                {
                  "name": "JVN#21234459: Multiple vulnerabilities in KINGSOFT \u0027WPS Office\u0027 and \u0027KINGSOFT Internet Security\u0027",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN21234459/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2022-25969",
        "datePublished": "2022-03-17T17:15:38.000Z",
        "dateReserved": "2022-03-14T00:00:00.000Z",
        "dateUpdated": "2024-08-03T04:56:36.775Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }