Refine your search
1 vulnerability found for UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL by Micco
CVE-2018-16190 (GCVE-0-2018-16190)
Vulnerability from cvelistv5
Published
2019-02-13 18:00
Modified
2024-08-05 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micco | UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL |
Version: (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:17:38.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#52168232",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN52168232/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_04.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://micco.mars.jp/vul/2017/mhsvi20170515_03.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_05.htm"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_02.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL",
"vendor": "Micco",
"versions": [
{
"status": "affected",
"version": "(UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier)"
}
]
}
],
"datePublic": "2019-02-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-13T17:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#52168232",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN52168232/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_04.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://micco.mars.jp/vul/2017/mhsvi20170515_03.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_05.htm"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_02.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-16190",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL",
"version": {
"version_data": [
{
"version_value": "(UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier)"
}
]
}
}
]
},
"vendor_name": "Micco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#52168232",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN52168232/index.html"
},
{
"name": "http://micco.mars.jp/vul/2017/mhsvi20170515_04.htm",
"refsource": "MISC",
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_04.htm"
},
{
"name": "https://micco.mars.jp/vul/2017/mhsvi20170515_03.htm",
"refsource": "MISC",
"url": "https://micco.mars.jp/vul/2017/mhsvi20170515_03.htm"
},
{
"name": "http://micco.mars.jp/vul/2017/mhsvi20170515_05.htm",
"refsource": "MISC",
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_05.htm"
},
{
"name": "http://micco.mars.jp/vul/2017/mhsvi20170515_02.htm",
"refsource": "MISC",
"url": "http://micco.mars.jp/vul/2017/mhsvi20170515_02.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-16190",
"datePublished": "2019-02-13T18:00:00.000Z",
"dateReserved": "2018-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:17:38.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}