Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lunascape | Lunascape | * | 6.3.4 (including) |
| Lunascape | Lunascape | 4.1 (including) | 4.1 (including) |
| Lunascape | Lunascape | 4.1.1 (including) | 4.1.1 (including) |
| Lunascape | Lunascape | 4.1.2 (including) | 4.1.2 (including) |
| Lunascape | Lunascape | 4.1.3 (including) | 4.1.3 (including) |
| Lunascape | Lunascape | 5.0 (including) | 5.0 (including) |
| Lunascape | Lunascape | 5.1 (including) | 5.1 (including) |
| Lunascape | Lunascape | 5.1.0 (including) | 5.1.0 (including) |
| Lunascape | Lunascape | 5.1.2 (including) | 5.1.2 (including) |
| Lunascape | Lunascape | 5.1.3 (including) | 5.1.3 (including) |
| Lunascape | Lunascape | 5.1.4 (including) | 5.1.4 (including) |
| Lunascape | Lunascape | 5.1.5 (including) | 5.1.5 (including) |
| Lunascape | Lunascape | 5.1.6 (including) | 5.1.6 (including) |
| Lunascape | Lunascape | 6.0 (including) | 6.0 (including) |
| Lunascape | Lunascape | 6.0.1 (including) | 6.0.1 (including) |
| Lunascape | Lunascape | 6.0.2 (including) | 6.0.2 (including) |
| Lunascape | Lunascape | 6.0.3 (including) | 6.0.3 (including) |
| Lunascape | Lunascape | 6.1 (including) | 6.1 (including) |
| Lunascape | Lunascape | 6.1.1 (including) | 6.1.1 (including) |
| Lunascape | Lunascape | 6.1.2 (including) | 6.1.2 (including) |
| Lunascape | Lunascape | 6.1.3 (including) | 6.1.3 (including) |
| Lunascape | Lunascape | 6.1.4 (including) | 6.1.4 (including) |
| Lunascape | Lunascape | 6.1.5 (including) | 6.1.5 (including) |
| Lunascape | Lunascape | 6.1.6 (including) | 6.1.6 (including) |
| Lunascape | Lunascape | 6.1.7 (including) | 6.1.7 (including) |
| Lunascape | Lunascape | 6.2 (including) | 6.2 (including) |
| Lunascape | Lunascape | 6.2.0 (including) | 6.2.0 (including) |
| Lunascape | Lunascape | 6.3 (including) | 6.3 (including) |
| Lunascape | Lunascape | 6.3.0 (including) | 6.3.0 (including) |
| Lunascape | Lunascape | 6.3.1 (including) | 6.3.1 (including) |
| Lunascape | Lunascape | 6.3.2 (including) | 6.3.2 (including) |
References
- http://help.lunascape.tv/LunascapeHelp-en/page.aspx?pageid=ver_6_4_11
- http://jvn.jp/en/jp/JVN94695018/296426/index.html
- http://jvn.jp/en/jp/JVN94695018/index.html
- http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000004.html
- http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2011.2F01.2F19_ver_6.4.1
- http://osvdb.org/70604
- http://secunia.com/advisories/43003
- http://www.securityfocus.com/bid/45945
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64849
- http://help.lunascape.tv/LunascapeHelp-en/page.aspx?pageid=ver_6_4_11
- http://jvn.jp/en/jp/JVN94695018/296426/index.html
- http://jvn.jp/en/jp/JVN94695018/index.html
- http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000004.html
- http://lunapedia.lunascape.jp/index.php?title=Lunascape6#2011.2F01.2F19_ver_6.4.1
- http://osvdb.org/70604
- http://secunia.com/advisories/43003
- http://www.securityfocus.com/bid/45945
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64849