Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability by CELSYS,Inc.

    JVNDB-2018-000041

    Vulnerability from jvndb - Published: 2018-04-27 15:19 - Updated:2018-08-30 14:12
    Severity
    Summary
    The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries
    Details
    The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
      "dc:date": "2018-08-30T14:12+09:00",
      "dcterms:issued": "2018-04-27T15:19+09:00",
      "dcterms:modified": "2018-08-30T14:12+09:00",
      "description": "The installers of multiple software provided by CELSYS,Inc. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).",
      "link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000041.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_action",
          "@product": "CLIP STUDIO ACTION (for Windows)",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_modeler",
          "@product": "CLIP STUDIO MODELER (for Windows) ",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_paint",
          "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:misc:celsys_clip_studio_paint",
          "@product": "CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT",
          "@vendor": "CELSYS,Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": [
        {
          "@score": "6.8",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "@version": "2.0"
        },
        {
          "@score": "7.8",
          "@severity": "High",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2018-000041",
      "sec:references": [
        {
          "#text": "https://jvn.jp/en/jp/JVN68345747/index.html",
          "@id": "JVN#68345747",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
          "@id": "JVNTA#91240916",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0580",
          "@id": "CVE-2018-0580",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0580",
          "@id": "CVE-2018-0580",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "The installers of multiple CELSYS,Inc. software may insecurely load Dynamic Link Libraries"
    }