PT-2017-15326 · Nxp+1 · Nfc Port+3
Eili Masami
·
Publicado
2017-08-02
·
Atualizado
2017-08-23
·
CVE-2017-2286
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
NFC Port Software versions 5.5.0.6 and earlier
NFC Port Software versions 5.3.6.7 and earlier
PC/SC Activator for Type B version 1.2.1.0 and earlier
SFCard Viewer 2 version 2.5.0.0 and earlier
NFC Net Installer version 1.1.0.0 and earlier
Description
The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability.
Recommendations
For NFC Port Software versions 5.5.0.6 and earlier, update to a version later than 5.5.0.6.
For NFC Port Software versions 5.3.6.7 and earlier, update to a version later than 5.3.6.7.
For PC/SC Activator for Type B version 1.2.1.0 and earlier, update to a version later than 1.2.1.0.
For SFCard Viewer 2 version 2.5.0.0 and earlier, update to a version later than 2.5.0.0.
For NFC Net Installer version 1.1.0.0 and earlier, update to a version later than 1.1.0.0.
Correção
Uncontrolled Search Path Element
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Nfc Net Installer
Nfc Port
Pc/Sc Activator For Type B
Sfcard Viewer 2