cnvd - cnvd-2017-35247

cnvd-2017-35247

Vulnerability from cnvd

Title

BOOK WALKER信息泄露漏洞

Description

BOOK WALKER for Windows和BOOK WALKER for Mac都是日本BOOK WALKER公司的产品。BOOK WALKER for Windows是一套基于Windows平台的电子书软件。BOOK WALKER for Mac是一套基于Mac平台的电子书软件。基于Windows平台BOOK WALKER 1.2.9及之前的版本和基于Mac平台的BOOK WALKER 1.2.5及之前的版本中存在信息泄露漏洞。攻击者可利用该漏洞访问本地文件。

Severity

高

Patch Name

BOOK WALKER信息泄露漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://bookwalker.jp/info/message20171113_pc_app/

Reference

http://jvn.jp/en/jp/JVN18420340/

Impacted products

Name
['BOOK WALKER BOOK WALKER for Windows <=1.2.9', 'BOOK WALKER BOOK WALKER for Mac <=1.2.5']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-10888"
    }
  },
  "description": "BOOK WALKER for Windows\u548cBOOK WALKER for Mac\u90fd\u662f\u65e5\u672cBOOK WALKER\u516c\u53f8\u7684\u4ea7\u54c1\u3002BOOK WALKER for Windows\u662f\u4e00\u5957\u57fa\u4e8eWindows\u5e73\u53f0\u7684\u7535\u5b50\u4e66\u8f6f\u4ef6\u3002BOOK WALKER for Mac\u662f\u4e00\u5957\u57fa\u4e8eMac\u5e73\u53f0\u7684\u7535\u5b50\u4e66\u8f6f\u4ef6\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0BOOK WALKER 1.2.9\u53ca\u4e4b\u524d\u7684\u7248\u672c\u548c\u57fa\u4e8eMac\u5e73\u53f0\u7684BOOK WALKER 1.2.5\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u672c\u5730\u6587\u4ef6\u3002",
  "discovererName": "Yuji Tounai of NTT Communications Corporation",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bookwalker.jp/info/message20171113_pc_app/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-35247",
  "openTime": "2017-11-28",
  "patchDescription": "BOOK WALKER for Windows\u548cBOOK WALKER for Mac\u90fd\u662f\u65e5\u672cBOOK WALKER\u516c\u53f8\u7684\u4ea7\u54c1\u3002BOOK WALKER for Windows\u662f\u4e00\u5957\u57fa\u4e8eWindows\u5e73\u53f0\u7684\u7535\u5b50\u4e66\u8f6f\u4ef6\u3002BOOK WALKER for Mac\u662f\u4e00\u5957\u57fa\u4e8eMac\u5e73\u53f0\u7684\u7535\u5b50\u4e66\u8f6f\u4ef6\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0BOOK WALKER 1.2.9\u53ca\u4e4b\u524d\u7684\u7248\u672c\u548c\u57fa\u4e8eMac\u5e73\u53f0\u7684BOOK WALKER 1.2.5\u53ca\u4e4b\u524d\u7684\u7248\u672c\u4e2d\u5b58\u5728\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u672c\u5730\u6587\u4ef6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "BOOK WALKER\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "BOOK WALKER BOOK WALKER for Windows \u003c=1.2.9",
      "BOOK WALKER BOOK WALKER for Mac \u003c=1.2.5"
    ]
  },
  "referenceLink": "http://jvn.jp/en/jp/JVN18420340/",
  "serverity": "\u9ad8",
  "submitTime": "2017-11-15",
  "title": "BOOK WALKER\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e"
}

CVE-2017-10888 (GCVE-0-2017-10888)

Vulnerability from cvelistv5

Published

2017-11-17 14:00

Modified

2024-08-05 17:50

Severity ?

CWE

Information Disclosure

Summary

BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors.

References

URL

Tags

	https://bookwalker.jp/info/message20171113_pc_app/	x_refsource_CONFIRM
	https://jvn.jp/en/jp/JVN18420340/index.html	third-party-advisory, x_refsource_JVN

Impacted products

Vendor

Product

Version

BOOK WALKER Co.,Ltd.

BOOK WALKER for Windows

Version: Ver.1.2.9 and earlier

BOOK WALKER Co.,Ltd.

BOOK WALKER for Mac

Version: Ver.1.2.5 and earlier

Show details on NVD website