Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
5 vulnerabilities by BOOK WALKER Co.,Ltd.
CVE-2017-10888 (GCVE-0-2017-10888)
Vulnerability from nvd – Published: 2017-11-17 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bookwalker.jp/info/message20171113_pc_app/ | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN18420340/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Windows |
Affected:
Ver.1.2.9 and earlier
|
|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Mac |
Affected:
Ver.1.2.5 and earlier
|
Date Public
2017-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BOOK WALKER for Windows",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.9 and earlier"
}
]
},
{
"product": "BOOK WALKER for Mac",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.5 and earlier"
}
]
}
],
"datePublic": "2017-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
},
{
"product_name": "BOOK WALKER for Mac",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.5 and earlier"
}
]
}
}
]
},
"vendor_name": "BOOK WALKER Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bookwalker.jp/info/message20171113_pc_app/",
"refsource": "CONFIRM",
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10888",
"datePublished": "2017-11-17T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10887 (GCVE-0-2017-10887)
Vulnerability from nvd – Published: 2017-11-17 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bookwalker.jp/info/message20171113_pc_app/ | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN18420340/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Windows |
Affected:
Ver.1.2.9 and earlier
|
Date Public
2017-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BOOK WALKER for Windows",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.9 and earlier"
}
]
}
],
"datePublic": "2017-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BOOK WALKER Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bookwalker.jp/info/message20171113_pc_app/",
"refsource": "CONFIRM",
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10887",
"datePublished": "2017-11-17T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10887 (GCVE-0-2017-10887)
Vulnerability from cvelistv5 – Published: 2017-11-17 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bookwalker.jp/info/message20171113_pc_app/ | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN18420340/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Windows |
Affected:
Ver.1.2.9 and earlier
|
Date Public
2017-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.577Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BOOK WALKER for Windows",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.9 and earlier"
}
]
}
],
"datePublic": "2017-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
}
]
},
"vendor_name": "BOOK WALKER Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bookwalker.jp/info/message20171113_pc_app/",
"refsource": "CONFIRM",
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10887",
"datePublished": "2017-11-17T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.577Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10888 (GCVE-0-2017-10888)
Vulnerability from cvelistv5 – Published: 2017-11-17 14:00 – Updated: 2024-08-05 17:50
VLAI
Summary
BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors.
Severity
No CVSS data available.
CWE
- Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bookwalker.jp/info/message20171113_pc_app/ | x_refsource_CONFIRM |
| https://jvn.jp/en/jp/JVN18420340/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Windows |
Affected:
Ver.1.2.9 and earlier
|
|
| BOOK WALKER Co.,Ltd. | BOOK WALKER for Mac |
Affected:
Ver.1.2.5 and earlier
|
Date Public
2017-11-14 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "BOOK WALKER for Windows",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.9 and earlier"
}
]
},
{
"product": "BOOK WALKER for Mac",
"vendor": "BOOK WALKER Co.,Ltd.",
"versions": [
{
"status": "affected",
"version": "Ver.1.2.5 and earlier"
}
]
}
],
"datePublic": "2017-11-14T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-17T13:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10888",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "BOOK WALKER for Windows",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.9 and earlier"
}
]
}
},
{
"product_name": "BOOK WALKER for Mac",
"version": {
"version_data": [
{
"version_value": "Ver.1.2.5 and earlier"
}
]
}
}
]
},
"vendor_name": "BOOK WALKER Co.,Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bookwalker.jp/info/message20171113_pc_app/",
"refsource": "CONFIRM",
"url": "https://bookwalker.jp/info/message20171113_pc_app/"
},
{
"name": "JVN#18420340",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN18420340/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10888",
"datePublished": "2017-11-17T14:00:00.000Z",
"dateReserved": "2017-07-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T17:50:12.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2017-000237
Vulnerability from jvndb - Published: 2017-11-14 15:19 - Updated:2018-03-07 13:36
Severity
Summary
Multiple vulnerabilities in BOOK WALKER for Windows/Mac
Details
BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries.
Also BOOK WALKER for Windows/Mac contain a vulnerability which may lead to information disclosure as a result of reading a specially crafted file.
* DLL preloading vulnerability (CWE-427) - CVE-2017-10887
* Information disclosure vulnerability (CWE-200) - CVE-2017-10888
Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000237.html",
"dc:date": "2018-03-07T13:36+09:00",
"dcterms:issued": "2017-11-14T15:19+09:00",
"dcterms:modified": "2018-03-07T13:36+09:00",
"description": "BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. are applications to view e-books. Installer of BOOK WALKER for Windows contains a vulnerabirity, which may lead to insecurely loading Dynamic Link Libraries.\r\n\r\nAlso BOOK WALKER for Windows/Mac contain a vulnerability which may lead to information disclosure as a result of reading a specially crafted file. \r\n* DLL preloading vulnerability (CWE-427) - CVE-2017-10887 \r\n* Information disclosure vulnerability (CWE-200) - CVE-2017-10888 \r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000237.html",
"sec:cpe": {
"#text": "cpe:/a:bookwalker:book_walker",
"@product": "BOOK WALKER",
"@vendor": "BOOK WALKER Co.,Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "7.1",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
{
"@score": "5.5",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-000237",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN18420340/index.html",
"@id": "JVN#18420340",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10887",
"@id": "CVE-2017-10887",
"@source": "CVE"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10888",
"@id": "CVE-2017-10888",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10887",
"@id": "CVE-2017-10887",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10888",
"@id": "CVE-2017-10888",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-200",
"@title": "Information Exposure(CWE-200)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in BOOK WALKER for Windows/Mac"
}