Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver. 9.00 and earlier, TODOKESHO print program Ver. 5.00 and earlier, Device data encryption program Ver. 1.00 and earlier, and TODOKESHO creation program Ver. 15.00 and earlier available prior to October 17, 2016 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
References
Link | Resource |
---|---|
http://www.nenkin.go.jp/denshibenri/setsumei/0104.html | Patch Vendor Advisory |
http://www.nenkin.go.jp/denshibenri/setsumei/20140630.html | Patch Vendor Advisory |
http://www.nenkin.go.jp/denshibenri/setsumei/20150105-03.html | Patch Vendor Advisory |
http://www.nenkin.go.jp/denshibenri/setsumei/20150415.html#cmscheck | Patch Vendor Advisory |
http://www.securityfocus.com/bid/94616 | Third Party Advisory VDB Entry |
https://jvn.jp/en/jp/JVN08868688/index.html | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-06-09 16:29
Updated : 2024-02-28 16:04
NVD link : CVE-2016-7818
Mitre link : CVE-2016-7818
CVE.ORG link : CVE-2016-7818
JSON object : View
Products Affected
japan_pension_service
- specification_check_program
- todokesho_creation_program
- device_data_encryption_program
- todokesho_print_program
CWE
CWE-264
Permissions, Privileges, and Access Controls