Eiji James Yoshida

**Nome do software vulnerável e versões afetadas** Trend Micro Password Manager (Consumer), versões 3.7.0.1223 e anteriores **Descrição** O problema está relacionado ao caminho de busca de DLLs no instalador, o que pode levar ao carregamento inseguro de bibliotecas de ligação dinâmica (DLLs). Isso foi relatado em uma versão do produto que chegou ao fim do ciclo de vida. **Recomendações** Para as versões 3.7.0.1223 e anteriores, atualize para a versão mais recente suportada (5.x) para resolver o problema.

**Nome do software vulnerável e versões afetadas** WPS Presentation versão 11.8.0.5745 **Descrição** O problema está relacionado ao carregamento inseguro da biblioteca d3dx9 41.dll ao abrir arquivos .pps, especificamente devido ao carregamento da DLL no “tipo de diretório atual”. Isso pode permitir que um invasor eleve privilégios e execute código arbitrário. **Recomendações** Para o WPS Presentation versão 11.8.0.5745, considere restringir o carregamento da biblioteca d3dx9 41.dll para impedir a exploração até que uma correção esteja disponível. Como solução temporária, evite abrir arquivos .pps de fontes não confiáveis para minimizar o risco de exploração. No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Nome do software vulnerável e versões afetadas** WPS Office versão 10.8.0.5745 **Descrição** O problema está relacionado ao carregamento inseguro da biblioteca dinâmica `shcore.dll` pelo instalador do WPS Office, permitindo que um invasor execute código arbitrário com os privilégios do usuário que invocou o instalador. Isso pode potencialmente levar à escalada de privilégios e à execução de código malicioso. **Recomendações** Para o WPS Office versão 10.8.0.5745, considere atualizar para uma versão mais recente que corrija este problema, pois a versão atual carrega a biblioteca `shcore.dll` de forma insegura, representando um risco de execução de código arbitrário. No momento, não há informações sobre uma versão mais recente que contenha uma correção para esta vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** Yayoi Kaikei 17 Series versions 23.1.1 and earlier Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier Yayoi Kyuuyo 17 versions 20.1.4 and earlier Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier Yayoi Hanbai 17 Series versions 20.0.2 and earlier Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of `msjet49.dll` loaded by the vulnerable products. **Recommendations** For Yayoi Kaikei 17 Series versions 23.1.1 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. For Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. For Yayoi Kyuuyo 17 versions 20.1.4 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. For Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. For Yayoi Hanbai 17 Series versions 20.0.2 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. For Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier, consider restricting access to the directory where `msjet49.dll` is loaded until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Yayoi Kaikei 17 Series versions 23.1.1 and earlier Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier Yayoi Kyuuyo 17 versions 20.1.4 and earlier Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier Yayoi Hanbai 17 Series versions 20.0.2 and earlier Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of `ykkapi.dll` loaded by the vulnerable products. **Recommendations** For Yayoi Kaikei 17 Series versions 23.1.1 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available. For Yayoi Aoiro Shinkoku 17 versions 23.1.1 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available. For Yayoi Kyuuyo 17 versions 20.1.4 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available. For Yayoi Kyuuyo Keisan 17 versions 20.1.4 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available. For Yayoi Hanbai 17 Series versions 20.0.2 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available. For Yayoi Kokyaku Kanri 17 versions 11.0.2 and earlier, consider restricting access to the `ykkapi.dll` until a patch is available.

**Name of the Vulnerable Software and Affected Versions** PhishWall Client Firefox and Chrome edition for Windows version 5.1.26 and earlier **Description** The issue concerns an untrusted search path vulnerability in the installer. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions 5.1.26 and earlier, update to a version later than 5.1.26 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** PrimeDrive Desktop Application versions 1.4.4 and earlier **Description** The issue allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory due to an untrusted search path vulnerability. **Recommendations** For PrimeDrive Desktop Application versions 1.4.4 and earlier, update to a version later than 1.4.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** The JPKI user's software (for Windows 7 and later) versions Ver3.1 and earlier The JPKI user's software (for Windows Vista) The JPKI user's software Ver2.6 and earlier **Description** The issue allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability in the installers for the affected software. **Recommendations** For The JPKI user's software (for Windows 7 and later) versions Ver3.1 and earlier, update to a version later than Ver3.1. For The JPKI user's software (for Windows Vista), consider applying security patches or updates if available. For The JPKI user's software Ver2.6 and earlier, update to a version later than Ver2.6.

**Name of the Vulnerable Software and Affected Versions** Vivaldi versions prior to 1.7.735.48 **Description** The issue concerns an untrusted search path vulnerability in the Vivaldi installer for Windows. This vulnerability allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. **Recommendations** For versions prior to 1.7.735.48, update to version 1.7.735.48 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000, XP, and Server 2003 Description: A cross-site scripting issue exists due to the Indexing Service in Microsoft Windows. When the Encoding option is set to Auto Select, remote attackers can inject arbitrary web script or HTML via a UTF-7 encoded URL. This encoded URL is then injected into an error message with a charset set to UTF-7. Recommendations: For Microsoft Windows 2000, XP, and Server 2003, consider disabling the Indexing Service or setting the Encoding option to a value other than Auto Select to mitigate the risk of exploitation. Restrict access to the Indexing Service to minimize the risk of remote attackers injecting arbitrary web script or HTML.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows Server 2003 **Description** A directory traversal issue exists in the "Shell Folders" capability, allowing remote attackers to read arbitrary files by utilizing .. (dot dot) sequences in a "shell:" link. **Recommendations** For Microsoft Windows Server 2003, consider restricting access to the "Shell Folders" capability until a fix is available. As a temporary workaround, avoid using "shell:" links that contain .. (dot dot) sequences to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.