Refine your search
2 vulnerabilities found for IP Messenger by H.Shirouzu
jvndb-2017-000196
Vulnerability from jvndb
Published
2017-08-03 14:35
Modified
2018-01-24 14:26
Severity ?
Summary
Installer of IP Messenger may insecurely load Dynamic Link Libraries
Details
IP Messenger is a LAN Messenger based on TCP/IP. IP Messenger contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Eili Masami of Tachibana Lab. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000196.html",
"dc:date": "2018-01-24T14:26+09:00",
"dcterms:issued": "2017-08-03T14:35+09:00",
"dcterms:modified": "2018-01-24T14:26+09:00",
"description": "IP Messenger is a LAN Messenger based on TCP/IP. IP Messenger contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami of Tachibana Lab. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000196.html",
"sec:cpe": {
"#text": "cpe:/a:hiroaki_shirouzu:ip_messenger",
"@product": "IP Messenger",
"@vendor": "H.Shirouzu",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000196",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN86724730/index.html",
"@id": "JVN#86724730",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10820",
"@id": "CVE-2017-10820",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10820",
"@id": "CVE-2017-10820",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Installer of IP Messenger may insecurely load Dynamic Link Libraries"
}
jvndb-2003-000144
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
IP Messenger for Win Filename Buffer Overflow Vulnerability
Details
IP Messenger for Win suffers buffer overflow when the user saves an attached file with a long name sent with the message.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000144.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "IP Messenger for Win suffers buffer overflow when the user saves an attached file with a long name sent with the message.",
"link": "https://jvndb.jvn.jp/en/contents/2003/JVNDB-2003-000144.html",
"sec:cpe": {
"#text": "cpe:/a:hiroaki_shirouzu:ip_messenger",
"@product": "IP Messenger",
"@vendor": "H.Shirouzu",
"@version": "2.2"
},
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2003-000144",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0288",
"@id": "CVE-2003-0288",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2003-0288",
"@id": "CVE-2003-0288",
"@source": "NVD"
},
{
"#text": "http://www.securityfocus.com/bid/7566",
"@id": "7566",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/11986",
"@id": "11986",
"@source": "XF"
}
],
"title": "IP Messenger for Win Filename Buffer Overflow Vulnerability"
}