Refine your search
2 vulnerabilities found for by Acquisition, Technology & Logistics Agency
CVE-2017-2208 (GCVE-0-2017-2208)
Vulnerability from cvelistv5
Published
2017-07-07 13:00
Modified
2024-08-05 13:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory.
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acquisition, Technology & Logistics Agency | Installer of electronic tendering and bid opening system |
Version: available prior to June 12, 2017 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:04.306Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
},
{
"name": "JVN#27198823",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN27198823/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer of electronic tendering and bid opening system",
"vendor": "Acquisition, Technology \u0026 Logistics Agency",
"versions": [
{
"status": "affected",
"version": "available prior to June 12, 2017"
}
]
}
],
"datePublic": "2017-06-12T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-07T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
},
{
"name": "JVN#27198823",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN27198823/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2208",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer of electronic tendering and bid opening system",
"version": {
"version_data": [
{
"version_value": "available prior to June 12, 2017"
}
]
}
}
]
},
"vendor_name": "Acquisition, Technology \u0026 Logistics Agency"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html",
"refsource": "MISC",
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
},
{
"name": "JVN#27198823",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN27198823/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2208",
"datePublished": "2017-07-07T13:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:48:04.306Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2178 (GCVE-0-2017-2178)
Vulnerability from cvelistv5
Published
2017-06-09 16:00
Modified
2024-08-05 13:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Untrusted search path vulnerability
Summary
Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Acquisition, Technology & Logistics Agency | Installer of electronic tendering and bid opening system |
Version: available prior to May 25, 2017 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.615Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#75514460",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN75514460/index.html"
},
{
"name": "98725",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98725"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer of electronic tendering and bid opening system",
"vendor": "Acquisition, Technology \u0026 Logistics Agency",
"versions": [
{
"status": "affected",
"version": "available prior to May 25, 2017"
}
]
}
],
"datePublic": "2017-05-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-12T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#75514460",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN75514460/index.html"
},
{
"name": "98725",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98725"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2178",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer of electronic tendering and bid opening system",
"version": {
"version_data": [
{
"version_value": "available prior to May 25, 2017"
}
]
}
}
]
},
"vendor_name": "Acquisition, Technology \u0026 Logistics Agency"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#75514460",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN75514460/index.html"
},
{
"name": "98725",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98725"
},
{
"name": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html",
"refsource": "CONFIRM",
"url": "http://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2178",
"datePublished": "2017-06-09T16:00:00.000Z",
"dateReserved": "2016-12-01T00:00:00.000Z",
"dateUpdated": "2024-08-05T13:48:03.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}