Refine your search
2 vulnerabilities found for HIBUN Confidential File Decryption program by Hitachi Solutions, Ltd.
jvndb-2017-000226
Vulnerability from jvndb
Published
2017-10-11 16:43
Modified
2018-03-07 12:12
Severity ?
Summary
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
Details
HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Note that this vulnerability is different from JVN#58909026.
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000226.html",
"dc:date": "2018-03-07T12:12+09:00",
"dcterms:issued": "2017-10-11T16:43+09:00",
"dcterms:modified": "2018-03-07T12:12+09:00",
"description": "HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nNote that this vulnerability is different from JVN#58909026.\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000226.html",
"sec:cpe": {
"#text": "cpe:/a:hitachi-solutions:confidential_file_decryption",
"@product": "HIBUN Confidential File Decryption program",
"@vendor": "Hitachi Solutions, Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000226",
"sec:references": [
{
"#text": "http://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/jp/JVN55516206/index.html",
"@id": "JVN#55516206",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10865",
"@id": "CVE-2017-10865",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10865",
"@id": "CVE-2017-10865",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries"
}
jvndb-2017-000227
Vulnerability from jvndb
Published
2017-10-11 16:43
Modified
2018-03-07 12:06
Severity ?
Summary
HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries
Details
HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Note that this vulnerability is different from JVN#55516206.
Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000227.html",
"dc:date": "2018-03-07T12:06+09:00",
"dcterms:issued": "2017-10-11T16:43+09:00",
"dcterms:modified": "2018-03-07T12:06+09:00",
"description": "HIBUN Confidential File Decryption program provided by Hitachi Solutions, Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nNote that this vulnerability is different from JVN#55516206.\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000227.html",
"sec:cpe": {
"#text": "cpe:/a:hitachi-solutions:confidential_file_decryption",
"@product": "HIBUN Confidential File Decryption program",
"@vendor": "Hitachi Solutions, Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000227",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN58909026/index.html",
"@id": "JVN#58909026",
"@source": "JVN"
},
{
"#text": "http://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10863",
"@id": "CVE-2017-10863",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10863",
"@id": "CVE-2017-10863",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "HIBUN Confidential File Decryption program may insecurely load Dynamic Link Libraries"
}