Eili Masami

**Name of the Vulnerable Software and Affected Versions** LHMelting versions 1.65.3.6 and earlier **Description** The issue is related to an untrusted search path vulnerability in the installer. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions 1.65.3.6 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UNARJ32.DLL version 1.10.1.25 and earlier **Description** The issue is related to an untrusted search path vulnerability in the installer of UNARJ32.DLL. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions 1.10.1.25 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UNLHA32.DLL versions prior to 3.00 **Description** The issue concerns an untrusted search path vulnerability in Self-Extracting Archives created by UNLHA32.DLL. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions prior to 3.00, update to version 3.00 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Glary Utilities versions 5.99 and earlier Glary Utilities Pro versions 5.99 and earlier **Description** The issue is related to an untrusted search path vulnerability in the installer. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For Glary Utilities versions 5.99 and earlier, update to a version later than 5.99. For Glary Utilities Pro versions 5.99 and earlier, update to a version later than 5.99.

**Name of the Vulnerable Software and Affected Versions** Skype for Windows (affected versions not specified) **Description** The issue is related to an untrusted search path vulnerability in the installer. This could allow an attacker to gain privileges by using a Trojan horse DLL in an unspecified directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue concerns an untrusted search path vulnerability in self-extracting archive files created by IExpress, which is bundled with Microsoft Windows. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoundEngine Free versions 5.21 and earlier **Description** The issue is related to an untrusted search path vulnerability in the Installer of SoundEngine Free. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions 5.21 and earlier, update to a version later than 5.21 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WinShot versions 1.53a and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory due to an untrusted search path vulnerability. **Recommendations** For versions 1.53a and earlier, update to a version later than 1.53a to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Jtrim versions 1.53c and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory due to an untrusted search path vulnerability. **Recommendations** For Jtrim versions 1.53c and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FLET'S Azukeru Backup Tool versions 1.5.2.6 and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability. **Recommendations** For FLET'S Azukeru Backup Tool versions 1.5.2.6 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FLET'S versions v4 through v6 **Description** The issue is related to an untrusted search path vulnerability in the address selection tool, which allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For FLET'S versions v4 through v6, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Anshin net security for Windows versions 16.0.1.44 and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability. **Recommendations** For versions 16.0.1.44 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FLET'S VIRUS CLEAR Easy Setup & Application Tool versions prior to ver.12 FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool versions prior to ver.12 **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability. **Recommendations** For FLET'S VIRUS CLEAR Easy Setup & Application Tool versions prior to ver.12, update to version ver.12 or later to resolve the issue. For FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool versions prior to ver.12, update to version ver.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Media Go versions 3.2.0.191 and earlier **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability. **Recommendations** For Media Go versions 3.2.0.191 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HIBUN Confidential File Viewer versions prior to 11.20.0001 **Description** The issue is related to an untrusted search path vulnerability in the Installer of HIBUN Confidential File Viewer. This vulnerability allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions prior to 11.20.0001, update to version 11.20.0001 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** HIBUN Confidential File Decryption program versions prior to 10.50.0.5 **Description** The issue is related to an untrusted search path vulnerability. This allows an attacker to potentially gain privileges by using a Trojan horse DLL in an unspecified directory. **Recommendations** For versions prior to 10.50.0.5, update to version 10.50.0.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** i-filter 6.0 installer version before 23 Aug 2017 **Description** The issue allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory, due to an untrusted search path vulnerability. **Recommendations** For i-filter 6.0 installer version before 23 Aug 2017, ensure the timestamp of code signing is updated to 23 Aug 2017 (JST) or later to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** i-filter 6.0 installer version before 23 Aug 2017 **Description** The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory due to an untrusted search path vulnerability. **Recommendations** For i-filter 6.0 installer version before 23 Aug 2017, ensure that the timestamp of code signing is updated to 23 Aug 2017 (JST) or later to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** i-filter 6.0 install program versions 1.0.8.1 and earlier **Description** The issue is related to an untrusted search path vulnerability. This allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. **Recommendations** For versions 1.0.8.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FENCE-Explorer for Windows versions 8.4.1 and earlier **Description** The issue allows an attacker to gain privileges through a Trojan horse DLL in an unspecified directory due to an untrusted search path vulnerability. **Recommendations** For versions 8.4.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.