Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    1 vulnerability found for XacRett by kMonos.NET

    JVNDB-2010-000040

    Vulnerability from jvndb - Published: 2010-10-20 17:40 - Updated:2010-10-20 17:40
    Severity
    N/A (UNKNOWN) - -
    Summary
    XacRett may insecurely load executable files
    Details
    XacRett may use unsafe methods for determining how to load executables (.exe). XacRett is a file extraction software that supports many file formats. XacRett loads certain executables (.exe) when extracting files. XacRett contains an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    References
    Impacted products
    Show details on JVN DB website
    To clipboard 

    {
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000040.html",
  "dc:date": "2010-10-20T17:40+09:00",
  "dcterms:issued": "2010-10-20T17:40+09:00",
  "dcterms:modified": "2010-10-20T17:40+09:00",
  "description": "XacRett may use unsafe methods for determining how to load executables (.exe).\r\n\r\nXacRett is a file extraction software that supports many file formats. XacRett loads certain executables (.exe) when extracting files. XacRett contains an issue with the file search path, which may insecurely load executables.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
  "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000040.html",
  "sec:cpe": {
    "#text": "cpe:/a:kmonos:xacrett",
    "@product": "XacRett",
    "@vendor": "kMonos.NET",
    "@version": "2.2"
  },
  "sec:cvss": {
    "@score": "6.8",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2010-000040",
  "sec:references": [
    {
      "#text": "http://jvn.jp/en/jp/JVN04665167/index.html",
      "@id": "JVN#04665167",
      "@source": "JVN"
    },
    {
      "#text": "https://jvn.jp/en/tr/JVNTR-2010-23/",
      "@id": "JVNTR-2010-23",
      "@source": "JVNTR"
    },
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3157",
      "@id": "CVE-2010-3157",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3157",
      "@id": "CVE-2010-3157",
      "@source": "NVD"
    },
    {
      "#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
      "@id": "TA10-238A",
      "@source": "CERT-TA"
    },
    {
      "#text": "http://secunia.com/advisories/41850",
      "@id": "SA41850",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/44125",
      "@id": "44125",
      "@source": "BID"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-Other",
      "@title": "No Mapping(CWE-Other)"
    }
  ],
  "title": "XacRett may insecurely load executable files"
}