Makoto Shiotsuki

**Name of the Vulnerable Software and Affected Versions** FFFTP versions 1.98a and earlier **Description** The issue allows local users to execute arbitrary code via unspecified functions due to an untrusted search path vulnerability. **Recommendations** For FFFTP versions 1.98a and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 6 through 9 **Description** A remote code execution issue exists in the way Internet Explorer uses the telnet URI handler, allowing attackers to execute arbitrary code in the context of the logged-on user via a crafted web site. This is due to the telnet URI handler in Internet Explorer not properly launching the handler application. **Recommendations** For Microsoft Internet Explorer versions 6 through 9, update to a version that properly handles the telnet URI handler to prevent remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** XnView versions prior to 1.98.1 **Description** The issue allows local users to gain privileges via a Trojan horse .exe file in a folder selected by the "Open containing folder" menu item, due to an untrusted search path vulnerability. **Recommendations** For versions prior to 1.98.1, update to version 1.98.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Lunascape versions prior to 6.4.3 **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory due to an untrusted search path vulnerability in the script function. **Recommendations** For versions prior to 6.4.3, update to version 6.4.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Opera versions prior to 11.01 **Description** The issue is related to the downloads manager in Opera, which does not properly determine the pathname of the filesystem-viewing application. This allows remote attackers to execute arbitrary code via a crafted web site that hosts an executable file, but it requires user assistance. **Recommendations** For Opera versions prior to 11.01, update to version 11.01 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** VIM Development Group GVim versions prior to 7.3.46 **Description** The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse User32.dll or other DLL that is located in the same folder as a .TXT file. **Recommendations** For versions prior to 7.3.46, update to version 7.3.46 or later to resolve the issue. As a temporary workaround, consider restricting access to untrusted search paths to minimize the risk of exploitation. Avoid executing GVim from untrusted directories to prevent DLL hijacking attacks.

**Name of the Vulnerable Software and Affected Versions** Yokka NoEditor versions 1.33.1.1 and earlier OuiEditor versions 1.6.1.1 and earlier UnEditor versions 1.10.1.2 and earlier DeuxEditor versions 1.7.1.2 and earlier SQLEditorXP versions 3.14.1.2 and earlier SQLEditorTE versions 1.9.1.3 and earlier SQLEditor8 versions 3.8.1.2 and earlier SQLEditorClassic versions 1.8.1.3 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory due to an untrusted search path vulnerability. **Recommendations** Yokka NoEditor versions 1.33.1.1 and earlier: Update to a version later than 1.33.1.1 to resolve the issue. OuiEditor versions 1.6.1.1 and earlier: Update to a version later than 1.6.1.1 to resolve the issue. UnEditor versions 1.10.1.2 and earlier: Update to a version later than 1.10.1.2 to resolve the issue. DeuxEditor versions 1.7.1.2 and earlier: Update to a version later than 1.7.1.2 to resolve the issue. SQLEditorXP versions 3.14.1.2 and earlier: Update to a version later than 3.14.1.2 to resolve the issue. SQLEditorTE versions 1.9.1.3 and earlier: Update to a version later than 1.9.1.3 to resolve the issue. SQLEditor8 versions 3.8.1.2 and earlier: Update to a version later than 3.8.1.2 to resolve the issue. SQLEditorClassic versions 1.8.1.3 and earlier: Update to a version later than 1.8.1.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Fenrir Sleipnir versions 2.9.4 and earlier Grani versions 4.3 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory due to an untrusted search path vulnerability. **Recommendations** For Fenrir Sleipnir versions 2.9.4 and earlier, update to a version later than 2.9.4 to resolve the issue. For Grani versions 4.3 and earlier, update to a version later than 4.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** K2 K2Editor versions prior to 1.5.9 **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory due to an untrusted search path vulnerability. **Recommendations** For versions prior to 1.5.9, update to version 1.5.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Explzh versions 5.67 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory. This is due to an untrusted search path vulnerability. **Recommendations** For Explzh versions 5.67 and earlier, update to a version later than 5.67 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Archive Decoder versions 1.23 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory. This is due to an untrusted search path vulnerability. **Recommendations** For Archive Decoder versions 1.23 and earlier, update to a version later than 1.23 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apsaly versions prior to 3.74 **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory due to an untrusted search path vulnerability. **Recommendations** For versions prior to 3.74, update to version 3.74 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Fenrir Sleipnir versions prior to 2.9.5 Grani versions prior to 4.4 **Description** The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory due to an untrusted search path vulnerability. **Recommendations** For Fenrir Sleipnir versions prior to 2.9.5, update to version 2.9.5 or later. For Grani versions prior to 4.4, update to version 4.4 or later.

**Name of the Vulnerable Software and Affected Versions** Lhaplus versions prior to 1.58 **Description** The issue allows local users to gain privileges via a Trojan horse DLL in the current working directory due to an untrusted search path vulnerability. **Recommendations** For versions prior to 1.58, update to version 1.58 or later to resolve the issue. As a temporary workaround, consider restricting the execution of DLLs from untrusted sources in the current working directory until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** Lhasa versions 0.19 and earlier **Description** The issue allows local users to gain privileges via a Trojan horse executable file in the current working directory. **Recommendations** For versions 0.19 and earlier, update to a version later than 0.19 to resolve the issue.