Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for TeraPad by Susumu Terao

jvndb-2010-000045

Vulnerability from jvndb

Published

2010-10-26 16:51

Modified

2010-10-26 16:51

Severity ?

() - -

Summary

TeraPad may insecurely load dynamic libraries

Details

TeraPad may use unsafe methods for determining how to load DLLs. TeraPad is a text editor. TeraPad loads certain DLL's when TXT files are opened. TeraPad contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.

References

Type

URL

	JVN	http://jvn.jp/en/jp/JVN48097065/index.html
	JVNTR	https://jvn.jp/en/tr/JVNTR-2010-23/index.html
	CVE	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3161
	NVD	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3161
	IPA SECURITY ALERTS	http://www.ipa.go.jp/security/english/vuln/201010_TeraPad_en.html
	CERT-VN	http://www.kb.cert.org/vuls/id/707943
	CERT-TA	http://www.us-cert.gov/cas/techalerts/TA10-238A.html
	No Mapping(CWE-Other)	https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html

Impacted products

Vendor

Product

Susumu Terao

TeraPad

Show details on JVN DB website

JSON

To clipboard

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000045.html",
  "dc:date": "2010-10-26T16:51+09:00",
  "dcterms:issued": "2010-10-26T16:51+09:00",
  "dcterms:modified": "2010-10-26T16:51+09:00",
  "description": "TeraPad may use unsafe methods for determining how to load DLLs.\r\n\r\nTeraPad is a text editor. TeraPad loads certain DLL\u0027s when TXT files are opened. TeraPad contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000045.html",
  "sec:cpe": {
    "#text": "cpe:/a:susumu_terao:terapad",
    "@product": "TeraPad",
    "@vendor": "Susumu Terao",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2010-000045",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN48097065/index.html",
      "@id": "JVN#48097065",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/JVNTR-2010-23/index.html",
      "@id": "JVNTR-2010-23",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3161",
      "@id": "CVE-2010-3161",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3161",
      "@id": "CVE-2010-3161",
      "@source": "NVD"
    },
    {
      "#text": "http://www.ipa.go.jp/security/english/vuln/201010_TeraPad_en.html",
      "@id": "Security Alert for Vulnerability in TeraPad",
      "@source": "IPA SECURITY ALERTS"
    },
    {
      "#text": "http://www.kb.cert.org/vuls/id/707943",
      "@id": "VU#707943",
      "@source": "CERT-VN"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
      "@id": "TA10-238A",
      "@source": "CERT-TA"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "TeraPad may insecurely load dynamic libraries"
}