var-201704-0898
Vulnerability from variot
Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Multiple installers of Toshiba memory card related software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary code may be executed with the privilege of the user invoking the installer. Toshiba SDHC and SDXC are both memory cards from Toshiba Corporation of Japan. A remote attacker can exploit this vulnerability to gain access. A remote attacker can leverage this issue to execute arbitrary code in the context of the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201704-0898",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "1.00.03"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "1.00.04"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "3.00.01"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "2.00.03"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "3.0.2"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "1.00.06"
},
{
"model": "flashair",
"scope": "lte",
"trust": 1.0,
"vendor": "toshiba",
"version": "1.02"
},
{
"model": "sdhc memory card with embedded transferjet functionality configuration software",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "v1.02"
},
{
"model": "sdhc memory card with embedded transferjet functionality software update tool",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "v1.00.06"
},
{
"model": "sdhc memory card with embedded wireless lan functionality flashair configuration software",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "v3.0.2"
},
{
"model": "sdhc memory card with embedded wireless lan functionality flashair software update tool",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "(sd-wb/wl series) v1.00.04"
},
{
"model": "sdhc memory card with embedded wireless lan functionality flashair software update tool",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "(sd-wd/wc series\u003cw-02\u003e) v2.00.03"
},
{
"model": "sdhc memory card with embedded wireless lan functionality flashair software update tool",
"scope": "eq",
"trust": 0.8,
"vendor": "toshiba",
"version": "(sd-we series\u003cw-03\u003e) v3.00.01"
},
{
"model": "sdhc/sdxc memory card with embedded nfc functionality software update tool",
"scope": "lte",
"trust": 0.8,
"vendor": "toshiba",
"version": "v1.00.03"
},
{
"model": "sdhc memory card",
"scope": "lte",
"trust": 0.6,
"vendor": "toshiba",
"version": "\u003c=v3.0.2"
},
{
"model": "sdhc memory card",
"scope": "lt",
"trust": 0.6,
"vendor": "toshiba",
"version": "3.00.01"
},
{
"model": "sdhc memory card",
"scope": "lte",
"trust": 0.6,
"vendor": "toshiba",
"version": "\u003c=v2.00.03"
},
{
"model": "sdhc memory card",
"scope": "lte",
"trust": 0.6,
"vendor": "toshiba",
"version": "\u003c=v1.00.04"
},
{
"model": "sdhc memory card",
"scope": "lte",
"trust": 0.6,
"vendor": "toshiba",
"version": "\u003c=v1.02"
},
{
"model": "sdhc memory card",
"scope": "lte",
"trust": 0.6,
"vendor": "toshiba",
"version": "\u003c=v1.00.06"
},
{
"model": "sdhc/sdxc memory card",
"scope": null,
"trust": 0.6,
"vendor": "toshiba",
"version": null
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "3.0.2"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "2.00.03"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "1.00.03"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "1.00.04"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "1.00.06"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "3.00.01"
},
{
"model": "flashair",
"scope": "eq",
"trust": 0.6,
"vendor": "toshiba",
"version": "1.02"
},
{
"model": "sdxc memory card with embedded nfc functionality software update",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "1.0.3"
},
{
"model": "sdxc memory card with embedded nfc functionality software update",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "0"
},
{
"model": "sdhc memory card flashairtm software update tool",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "3.0.1"
},
{
"model": "sdhc memory card flashairtm software update tool",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "0"
},
{
"model": "sdhc memory card flashairtm configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "3.0.2"
},
{
"model": "sdhc memory card flashairtm configuration software",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "0"
},
{
"model": "sdhc memory card",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "1.0.3"
},
{
"model": "sdhc memory card",
"scope": "eq",
"trust": 0.3,
"vendor": "toshiba",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "BID",
"id": "97697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:toshiba:sdhc_memory_card_with_transferjet_setting_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:toshiba:sdhc_memory_card_with_transferjet_firmware_updatetool",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:toshiba:wlan_sdhc_memory_card_flashair_setting_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:toshiba:wlan_sdhc_memory_card_flashair_setting_software_updatetool",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:toshiba:nfc_sdhc_%2F_sdxc_memory_card_software_updatetool",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Yuji Tounai of NTT Communications Corporation.",
"sources": [
{
"db": "BID",
"id": "97697"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
}
],
"trust": 0.9
},
"cve": "CVE-2017-2149",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2017-2149",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "JVNDB-2017-000069",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2017-06938",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2017-2149",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2017-000069",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-2149",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2017-000069",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-06938",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-965",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Software V3.0.2 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WE series\u003cW-03\u003e) V3.00.01, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WD/WC series\u003cW-02\u003e) V2.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Software Update tool (SD-WB/WL series) V1.00.04 and earlier, SDHC Memory Card with embedded TransferJet functionality Configuration Software V1.02 and earlier, SDHC Memory Card with embedded TransferJet functionality Software Update tool V1.00.06 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Multiple installers of Toshiba memory card related software contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.Arbitrary code may be executed with the privilege of the user invoking the installer. Toshiba SDHC and SDXC are both memory cards from Toshiba Corporation of Japan. A remote attacker can exploit this vulnerability to gain access. \nA remote attacker can leverage this issue to execute arbitrary code in the context of the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-2149"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "BID",
"id": "97697"
}
],
"trust": 2.97
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "JVN",
"id": "JVN05340816",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2017-2149",
"trust": 3.3
},
{
"db": "BID",
"id": "97697",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-06938",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "BID",
"id": "97697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"id": "VAR-201704-0898",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
}
],
"trust": 1.5375
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
}
]
},
"last_update_date": "2024-11-23T22:26:47.214000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Toshiba Corporation website",
"trust": 0.8,
"url": "http://www.toshiba-personalstorage.net/news/20170414.htm"
},
{
"title": "Patches for multiple Toshiba memory card installers that are not trusted for search path vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/93907"
},
{
"title": "Multiple Toshiba Repair measures for memory card installer security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=69714"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-426",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://jvn.jp/en/jp/jvn05340816/index.html"
},
{
"trust": 2.2,
"url": "http://www.securityfocus.com/bid/97697"
},
{
"trust": 1.6,
"url": "http://www.toshiba-personalstorage.net/news/20170414.htm"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-2149"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-2149"
},
{
"trust": 0.3,
"url": "http://blog.metasploit.com/2010/08/exploiting-dll-hijacking-flaws.html"
},
{
"trust": 0.3,
"url": "http://blogs.technet.com/b/srd/archive/2010/08/23/more-information-about-dll-preloading-remote-attack-vector.aspx"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "BID",
"id": "97697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"db": "BID",
"id": "97697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"date": "2017-04-14T00:00:00",
"db": "BID",
"id": "97697"
},
{
"date": "2017-04-14T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"date": "2017-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"date": "2017-04-28T16:59:01.917000",
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-05-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-06938"
},
{
"date": "2017-04-18T00:07:00",
"db": "BID",
"id": "97697"
},
{
"date": "2017-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-000069"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-965"
},
{
"date": "2024-11-21T03:22:59.327000",
"db": "NVD",
"id": "CVE-2017-2149"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple installers of Toshiba memory card related software may insecurely load Dynamic Link Libraries",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-000069"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "code problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-965"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…