[Japanese] | |
JVNDB-2017-000214 | |
Installer of "Flets Install Tool" may insecurely load Dynamic Link Libraries | |
Overview | |
Installer of "Flets Install Tool" provided by NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). | |
CVSS Severity (What is CVSS?) | |
CVSS V3 Severity:
Base Metrics 7.8 (High) [IPA Score]
CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
| |
Affected Products | |
| |
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION | |
| |
Impact | |
Arbitrary code may be executed with the privilege of the user invoking the installer. | |
Solution | |
[Use the latest installer] | |
Vendor Information | |
NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2017/08/25 |
Date First Published | 2017/08/25 |
Date Last Updated | 2018/02/28 |