Search
Find a vulnerability
Search criteria
12 vulnerabilities by Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)
CVE-2017-2228 (GCVE-0-2017-2228)
Vulnerability from nvd – Published: 2017-08-18 13:00 – Updated: 2024-08-05 13:48
VLAI
Summary
Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN53292345/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Teikihoukokusho Sakuseishien Tool |
Affected:
v4.0
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:04.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#53292345",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Teikihoukokusho Sakuseishien Tool",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "v4.0"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#53292345",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Teikihoukokusho Sakuseishien Tool",
"version": {
"version_data": [
{
"version_value": "v4.0"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#53292345",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2228",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:48:04.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10823 (GCVE-0-2017-10823)
Vulnerability from nvd – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN23546631/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) |
Affected:
Distributed on the website till 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#23546631",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website till 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#23546631",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website till 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#23546631",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10823",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10822 (GCVE-0-2017-10822)
Vulnerability from nvd – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN71104430/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) |
Affected:
Distributed on the website until 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#71104430",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website until 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#71104430",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website until 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#71104430",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10822",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10821 (GCVE-0-2017-10821)
Vulnerability from nvd – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN73559859/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) |
Affected:
Distributed on the website until 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#73559859",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website until 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#73559859",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website until 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#73559859",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10821",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10821 (GCVE-0-2017-10821)
Vulnerability from cvelistv5 – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN73559859/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) |
Affected:
Distributed on the website until 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#73559859",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website until 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#73559859",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website until 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#73559859",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN73559859/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10821",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10822 (GCVE-0-2017-10822)
Vulnerability from cvelistv5 – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN71104430/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) |
Affected:
Distributed on the website until 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#71104430",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website until 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#71104430",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website until 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#71104430",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN71104430/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10822",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.056Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10823 (GCVE-0-2017-10823)
Vulnerability from cvelistv5 – Published: 2017-08-18 13:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN23546631/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) |
Affected:
Distributed on the website till 2017 May 17
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:11.829Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#23546631",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10)",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "Distributed on the website till 2017 May 17"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#23546631",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10)",
"version": {
"version_data": [
{
"version_value": "Distributed on the website till 2017 May 17"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#23546631",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN23546631/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10823",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:11.829Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2228 (GCVE-0-2017-2228)
Vulnerability from cvelistv5 – Published: 2017-08-18 13:00 – Updated: 2024-08-05 13:48
VLAI
Summary
Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://jvn.jp/en/jp/JVN53292345/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI) | Teikihoukokusho Sakuseishien Tool |
Affected:
v4.0
|
Date Public
2017-08-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:04.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#53292345",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Teikihoukokusho Sakuseishien Tool",
"vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"versions": [
{
"status": "affected",
"version": "v4.0"
}
]
}
],
"datePublic": "2017-08-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-18T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#53292345",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2228",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Teikihoukokusho Sakuseishien Tool",
"version": {
"version_data": [
{
"version_value": "v4.0"
}
]
}
}
]
},
"vendor_name": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#53292345",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN53292345/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2228",
"datePublished": "2017-08-18T13:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:48:04.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2017-000200
Vulnerability from jvndb - Published: 2017-08-17 17:29 - Updated:2018-02-14 12:05
Severity
Summary
Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
Details
Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000200.html",
"dc:date": "2018-02-14T12:05+09:00",
"dcterms:issued": "2017-08-17T17:29+09:00",
"dcterms:modified": "2018-02-14T12:05+09:00",
"description": "Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000200.html",
"sec:cpe": {
"#text": "cpe:/a:enecho.meti:shin_sekiyu_yunyu_chousa_houkoku_data_nyuryoku_program",
"@product": "Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program",
"@vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000200",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN71104430/index.html",
"@id": "JVN#71104430",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10822",
"@id": "CVE-2017-10822",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10822",
"@id": "CVE-2017-10822",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries"
}
JVNDB-2017-000199
Vulnerability from jvndb - Published: 2017-08-17 17:29 - Updated:2018-02-14 12:19
Severity
Summary
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries
Details
Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000199.html",
"dc:date": "2018-02-14T12:19+09:00",
"dcterms:issued": "2017-08-17T17:29+09:00",
"dcterms:modified": "2018-02-14T12:19+09:00",
"description": "Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000199.html",
"sec:cpe": {
"#text": "cpe:/a:enecho.meti:shin_kikan_toukei_houkoku_data_nyuryokuyou_program",
"@product": "Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program",
"@vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000199",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN73559859/index.html",
"@id": "JVN#73559859",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10821",
"@id": "CVE-2017-10821",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10821",
"@id": "CVE-2017-10821",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Installer of Shin Kikan Toukei Houkoku Data Nyuryokuyou Program may insecurely load Dynamic Link Libraries"
}
JVNDB-2017-000201
Vulnerability from jvndb - Published: 2017-08-17 17:29 - Updated:2018-02-14 12:08
Severity
Summary
Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries
Details
Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000201.html",
"dc:date": "2018-02-14T12:08+09:00",
"dcterms:issued": "2017-08-17T17:29+09:00",
"dcterms:modified": "2018-02-14T12:08+09:00",
"description": "Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000201.html",
"sec:cpe": {
"#text": "cpe:/a:enecho.meti:shin_kinkyuji_houkoku_data_nyuryoku_program",
"@product": "Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program",
"@vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000201",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN23546631/index.html",
"@id": "JVN#23546631",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10823",
"@id": "CVE-2017-10823",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10823",
"@id": "CVE-2017-10823",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Installer of Shin Kinkyuji Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries"
}
JVNDB-2017-000154
Vulnerability from jvndb - Published: 2017-08-17 15:31 - Updated:2018-02-14 12:11
Severity
Summary
Teikihoukokusho Sakuseishien Tool may insecurely load Dynamic Link Libraries
Details
Teikihoukokusho Sakuseishien Tool provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
The tool is provided as a ZIP archive. It is assumed that a user extracts the tool (the executable file) to the home directory. If a malicious DLL file is placed in the same directory as the tool and the user invokes the tool, then the malicious DLL is loaded and executed.
Takashi Yoshikawa of Mitsui Bussan Secure Directions,Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000154.html",
"dc:date": "2018-02-14T12:11+09:00",
"dcterms:issued": "2017-08-17T15:31+09:00",
"dcterms:modified": "2018-02-14T12:11+09:00",
"description": "Teikihoukokusho Sakuseishien Tool provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\nThe tool is provided as a ZIP archive. It is assumed that a user extracts the tool (the executable file) to the home directory. If a malicious DLL file is placed in the same directory as the tool and the user invokes the tool, then the malicious DLL is loaded and executed.\r\n\r\nTakashi Yoshikawa of Mitsui Bussan Secure Directions,Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000154.html",
"sec:cpe": {
"#text": "cpe:/a:enecho.meti:teikihoukokusho_sakuseishien_tool",
"@product": "Teikihoukokusho Sakuseishien Tool",
"@vendor": "Agency for Natural Resources and Energy of Ministry of Economy,Trade and Industry (METI)",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000154",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN53292345/index.html",
"@id": "JVN#53292345",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2228",
"@id": "CVE-2017-2228",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-2228",
"@id": "CVE-2017-2228",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Teikihoukokusho Sakuseishien Tool may insecurely load Dynamic Link Libraries"
}