Vulnerability Description
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)" Ver3.0.1 and earlier and The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jpki | The Public Certification Service For Individuals | <= 2.6 |
| Jpki | The Public Certification Service For Individuals For Windows 7 | <= 3.0.1 |
| Jpki | The Public Certification Service For Individuals For Windows Vista | <= 3.0.1 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94087Third Party AdvisoryVDB Entry
- https://jvn.jp/en/jp/JVN91002412/index.htmlThird Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/94087Third Party AdvisoryVDB Entry
- https://jvn.jp/en/jp/JVN91002412/index.htmlThird Party AdvisoryVDB Entry
FAQ
What is CVE-2016-4902?
CVE-2016-4902 is a vulnerability with a CVSS score of 7.8 (HIGH). Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for ...
How severe is CVE-2016-4902?
CVE-2016-4902 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-4902?
Check the references section above for vendor advisories and patch information. Affected products include: Jpki The Public Certification Service For Individuals, Jpki The Public Certification Service For Individuals For Windows 7, Jpki The Public Certification Service For Individuals For Windows Vista.