Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-426,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mlit | denshiseikabutsusakuseishienkensa | * |
National land numerical information data conversion tool all versions improperly restricts XML external entity references (XXE). By processing a specially crafted XML file, arbitrary files on the PC may be accessed by an attacker.
Products Affected
| Vendor | Product | Version |
|---|---|---|
| mlit | national_land_numerical_information_data_conversion_tool | * |