PT-2017-15235 · Unknown · Jasdf 04.Exe+7
Published
2017-06-09
·
Updated
2017-06-22
·
CVE-2017-2176
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
jasdf 01.exe version prior to May 25, 2017
jasdf 02.exe version prior to May 25, 2017
jasdf 03.exe version prior to May 25, 2017
jasdf 04.exe version prior to May 25, 2017
jasdf 05.exe version prior to May 25, 2017
scramble setup.exe version prior to May 25, 2017
clock 01 setup.exe version prior to May 25, 2017
clock 02 setup.exe version prior to May 25, 2017
Description
The issue allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This is due to an untrusted search path vulnerability in screensaver installers.
Recommendations
For jasdf 01.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 02.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 03.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 04.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For jasdf 05.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For scramble setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For clock 01 setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
For clock 02 setup.exe version prior to May 25, 2017, update to a version released after May 25, 2017.
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Clock 01 Setup.Exe
Clock 02 Setup.Exe
Jasdf 01.Exe
Jasdf 02.Exe
Jasdf 03.Exe
Jasdf 04.Exe
Jasdf 05.Exe
Scramble Setup.Exe