Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for CLIP STUDIO MODELER (for Windows) by CELSYS,Inc.

jvndb-2018-000041

Vulnerability from jvndb

Published

2018-04-27 15:19

Modified

2018-08-30 14:12

Severity ?

8.0 (High) - cvssV3_0 - CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries

Details

The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).

References

Type

URL

	JVN	https://jvn.jp/en/jp/JVN68345747/index.html
	JVN	https://jvn.jp/en/ta/JVNTA91240916/index.html
	CVE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0580
	NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-0580
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

	CELSYS,Inc.	CLIP STUDIO ACTION (for Windows)
	CELSYS,Inc.	CLIP STUDIO MODELER (for Windows)
	CELSYS,Inc.	CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT
	CELSYS,Inc.	CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
  "dc:date": "2018-08-30T14:12+09:00",
  "dcterms:issued": "2018-04-27T15:19+09:00",
  "dcterms:modified": "2018-08-30T14:12+09:00",
  "description": "The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).",
  "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:misc:celsys_clip_studio_action",
      "@product": "CLIP STUDIO ACTION (for Windows)",
      "@vendor": "CELSYS,Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:celsys_clip_studio_modeler",
      "@product": "CLIP STUDIO MODELER (for Windows) ",
      "@vendor": "CELSYS,Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:celsys_clip_studio_paint",
      "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
      "@vendor": "CELSYS,Inc.",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:misc:celsys_clip_studio_paint",
      "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
      "@vendor": "CELSYS,Inc.",
      "@version": "2.2"
    }
  ],
  "sec:cvss": [
    {
      "@score": "6.8",
      "@severity": "Medium",
      "@type": "Base",
      "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
      "@version": "2.0"
    },
    {
      "@score": "7.8",
      "@severity": "High",
      "@type": "Base",
      "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "@version": "3.0"
    }
  ],
  "sec:identifier": "JVNDB-2018-000041",
  "sec:references": [
    {
      "#text": "https://jvn.jp/en/jp/JVN68345747/index.html",
      "@id": "JVN#68345747",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
      "@id": "JVNTA#91240916",
      "@source": "JVN"
    },
    {
      "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0580",
      "@id": "CVE-2018-0580",
      "@source": "CVE"
    },
    {
      "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0580",
      "@id": "CVE-2018-0580",
      "@source": "NVD"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries"
}