Search
Find a vulnerability
Search criteria
3 vulnerabilities by Canon IT Solutions Inc.
CVE-2018-0649 (GCVE-0-2018-0649)
Vulnerability from nvd – Published: 2018-09-07 14:00 – Updated: 2024-08-05 03:35
VLAI
Summary
Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN41452671/index.html | third-party-advisoryx_refsource_JVN |
| https://eset-support.canon-its.jp/faq/show/10720?… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Canon IT Solutions Inc. | The installers of multiple Canon IT Solutions Inc. software programs |
Affected:
(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))
|
Date Public
2018-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#41452671",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "The installers of multiple Canon IT Solutions Inc. software programs",
"vendor": "Canon IT Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))"
}
]
}
],
"datePublic": "2018-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-07T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#41452671",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "The installers of multiple Canon IT Solutions Inc. software programs",
"version": {
"version_data": [
{
"version_value": "(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))"
}
]
}
}
]
},
"vendor_name": "Canon IT Solutions Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#41452671",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"name": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default",
"refsource": "CONFIRM",
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0649",
"datePublished": "2018-09-07T14:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0649 (GCVE-0-2018-0649)
Vulnerability from cvelistv5 – Published: 2018-09-07 14:00 – Updated: 2024-08-05 03:35
VLAI
Summary
Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN41452671/index.html | third-party-advisoryx_refsource_JVN |
| https://eset-support.canon-its.jp/faq/show/10720?… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Canon IT Solutions Inc. | The installers of multiple Canon IT Solutions Inc. software programs |
Affected:
(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))
|
Date Public
2018-07-18 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:35:48.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#41452671",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "The installers of multiple Canon IT Solutions Inc. software programs",
"vendor": "Canon IT Solutions Inc.",
"versions": [
{
"status": "affected",
"version": "(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))"
}
]
}
],
"datePublic": "2018-07-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-07T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#41452671",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0649",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "The installers of multiple Canon IT Solutions Inc. software programs",
"version": {
"version_data": [
{
"version_value": "(ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones))"
}
]
}
}
]
},
"vendor_name": "Canon IT Solutions Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc. software programs (ESET Smart Security Premium, ESET Internet Security, ESET Smart Security, ESET NOD32 Antivirus, DESlock+ Pro, and CompuSec (all programs except packaged ones)) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#41452671",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN41452671/index.html"
},
{
"name": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default",
"refsource": "CONFIRM",
"url": "https://eset-support.canon-its.jp/faq/show/10720?site_domain=default"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0649",
"datePublished": "2018-09-07T14:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:35:48.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2009-000066
Vulnerability from jvndb - Published: 2009-10-20 15:56 - Updated:2009-10-20 15:56Summary
Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting
Details
Canon IT Solutions Inc. ACCESSGUARDIAN contains a cross-site scripting vulnerability.
Canon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability.
Ohji Kashiwazaki of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000066.html",
"dc:date": "2009-10-20T15:56+09:00",
"dcterms:issued": "2009-10-20T15:56+09:00",
"dcterms:modified": "2009-10-20T15:56+09:00",
"description": "Canon IT Solutions Inc. ACCESSGUARDIAN contains a cross-site scripting vulnerability.\r\n\r\nCanon IT Solutions Inc. ACCESSGUARDIAN is a web security gateway. ACCESSGUARDIAN contains a cross-site scripting vulnerability.\r\n\r\nOhji Kashiwazaki of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000066.html",
"sec:cpe": {
"#text": "cpe:/a:canon-its:accessguardian",
"@product": "ACCESSGUARDIAN",
"@vendor": "Canon IT Solutions Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-000066",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN33822756/index.html",
"@id": "JVN#33822756",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4608",
"@id": "CVE-2009-4608",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4608",
"@id": "CVE-2009-4608",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/37045",
"@id": "SA37045",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/53822",
"@id": "53822",
"@source": "XF"
},
{
"#text": "http://www.vupen.com/english/advisories/2009/2973",
"@id": "VUPEN/ADV-2009-2973",
"@source": "VUPEN"
},
{
"#text": "http://osvdb.org/59058",
"@id": "59058",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Canon IT Solutions Inc. ACCESSGUARDIAN vulnerable to cross-site scripting"
}