Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
3 vulnerabilities by Glarysoft Ltd.
CVE-2018-0619 (GCVE-0-2018-0619)
Vulnerability from cvelistv5 – Published: 2018-07-26 17:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN84967039/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Glarysoft Ltd. | Installer of Glary Utilities |
Affected:
Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier
|
Date Public
2018-07-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84967039",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer of Glary Utilities",
"vendor": "Glarysoft Ltd.",
"versions": [
{
"status": "affected",
"version": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
}
]
}
],
"datePublic": "2018-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-26T16:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84967039",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer of Glary Utilities",
"version": {
"version_data": [
{
"version_value": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
}
]
}
}
]
},
"vendor_name": "Glarysoft Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84967039",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0619",
"datePublished": "2018-07-26T17:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-0619 (GCVE-0-2018-0619)
Vulnerability from nvd – Published: 2018-07-26 17:00 – Updated: 2024-08-05 03:28
VLAI
Summary
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Severity
No CVSS data available.
CWE
- Untrusted search path vulnerability
Assigner
References
1 reference
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN84967039/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Glarysoft Ltd. | Installer of Glary Utilities |
Affected:
Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier
|
Date Public
2018-07-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:28:11.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#84967039",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Installer of Glary Utilities",
"vendor": "Glarysoft Ltd.",
"versions": [
{
"status": "affected",
"version": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
}
]
}
],
"datePublic": "2018-07-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Untrusted search path vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-26T16:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#84967039",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2018-0619",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Installer of Glary Utilities",
"version": {
"version_data": [
{
"version_value": "Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier"
}
]
}
}
]
},
"vendor_name": "Glarysoft Ltd."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#84967039",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN84967039/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2018-0619",
"datePublished": "2018-07-26T17:00:00.000Z",
"dateReserved": "2017-11-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:28:11.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
JVNDB-2018-000070
Vulnerability from jvndb - Published: 2018-07-03 13:42 - Updated:2019-07-05 17:52
Severity
Summary
Installer of Glary Utilities may insecurely load Dynamic Link Libraries
Details
Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).
Eili Masami reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |
|---|---|---|
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000070.html",
"dc:date": "2019-07-05T17:52+09:00",
"dcterms:issued": "2018-07-03T13:42+09:00",
"dcterms:modified": "2019-07-05T17:52+09:00",
"description": "Installer of Glary Utilities provided by Glarysoft Ltd. contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427).\r\n\r\nEili Masami reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000070.html",
"sec:cpe": {
"#text": "cpe:/a:glarysoft:glary_utilities",
"@product": "Glary Utilities",
"@vendor": "Glarysoft Ltd.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000070",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN84967039/index.html",
"@id": "JVN#84967039",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0619",
"@id": "CVE-2018-0619",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-0619",
"@id": "CVE-2018-0619",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Installer of Glary Utilities may insecurely load Dynamic Link Libraries"
}