PT-2017-15235 · Unknown · Jasdf 04.Exe+7
Publicado
2017-06-09
·
Atualizado
2017-06-22
·
CVE-2017-2176
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
jasdf 01.exe version prior to May 25, 2017
jasdf 02.exe version prior to May 25, 2017
jasdf 03.exe version prior to May 25, 2017
jasdf 04.exe version prior to May 25, 2017
jasdf 05.exe version prior to May 25, 2017
scramble setup.exe version prior to May 25, 2017
clock 01 setup.exe version prior to May 25, 2017
clock 02 setup.exe version prior to May 25, 2017
Description
The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability in screensaver installers.
Recommendations
For jasdf 01.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 02.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 03.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 04.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 05.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For scramble setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For clock 01 setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For clock 02 setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
Correção
Untrusted Search Path
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Clock 01 Setup.Exe
Clock 02 Setup.Exe
Jasdf 01.Exe
Jasdf 02.Exe
Jasdf 03.Exe
Jasdf 04.Exe
Jasdf 05.Exe
Scramble Setup.Exe