CVE-2018-16190

Sažetak

Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Reference

http://jvn.jp/en/jp/JVN52168232/index.html
http://micco.mars.jp/vul/2017/mhsvi20170515_02.htm
http://micco.mars.jp/vul/2017/mhsvi20170515_04.htm
http://micco.mars.jp/vul/2017/mhsvi20170515_05.htm
https://micco.mars.jp/vul/2017/mhsvi20170515_03.htm

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-02-2019 - 17:34

Objavljeno

13-02-2019 - 18:29