CVE-2017-2178

Description

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

• Acquisition, Technology & Logistics Agency / Installer of electronic tendering and bid opening systemavailable prior to May 25, 2017 – available prior to May 25, 2017

References

• MISChttp://jvn.jp/en/jp/JVN75514460/index.html
• MISChttp://www.securityfocus.com/bid/98725
• MISChttp://www.mod.go.jp/atla/souhon/cals/nyusatsu_top.html