CVE-2017-2154
Last modified
CVE-2017-2154 is a vulnerability of currently unknown severity. Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.. EPSS estimates a 1.17% chance of exploitation in the next 30 days.
Description
Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Justsystems | Hanako | 2015 |
| Justsystems | Hanako | 2016 |
| Justsystems | Hanako | 2017 |
| Justsystems | Hanako Police | 5 |
| Justsystems | Hanako Pro | 3 |
| Justsystems | Just Frontier | 3 |
| Justsystems | Just Government | 3 |
| Justsystems | Just Jump Class | 2 |
| Justsystems | Just Office | 3 |
| Justsystems | Just Police | 3 |
| Justsystems | Just School | 6 |
References
- https://jvn.jp/en/jp/JVN54268888/index.htmlThird Party Advisory, VDB Entry
- https://www.justsystems.com/jp/info/js17002.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN54268888/index.htmlThird Party Advisory, VDB Entry
- https://www.justsystems.com/jp/info/js17002.htmlVendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-2154?
How severe is CVE-2017-2154?
How do I fix CVE-2017-2154?
Are you affected by CVE-2017-2154?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST