exploitDog

CVE-2017-10825

Опубликовано: 02 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Ссылки

http://flets-w.com/topics/setup_tool_vulnerability/
Vendor Advisory
https://jvn.jp/en/jp/JVN97243511/278948/index.html
Third Party Advisory
VDB Entry
http://flets-w.com/topics/setup_tool_vulnerability/
Vendor Advisory
https://jvn.jp/en/jp/JVN97243511/278948/index.html
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:flets-w:flets_easy_setup_tool:1.2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 45%

0.00222

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-426

Связанные уязвимости

GHSA-r7xp-5xhg-3g8w

CVSS3: 7.8

github

больше 3 лет назад

Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

EPSS

Процентиль: 45%

0.00222

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-426