CVE-2017-10850
N/A
Summary
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Fuji Xerox Co.,Ltd. | Installer of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 12 Apr 2017 02:04 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of ART EX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 12 Apr 2017 02:04 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 12 Apr 2017 02:10 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of PostScript? Driver + Additional Feature Plug-in + PPD File for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 12 Apr 2017 02:10 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 3 Nov 2017 23:48 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of XPS Print Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 3 Nov 2017 23:48 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 26 May 2017 07:44 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of ART EX Direct FAX Driver for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 26 May 2017 07:44 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 25 Aug 2015 08:51 UTC | affected |
| Fuji Xerox Co.,Ltd. | Installer of Setting Restore Tool for DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 | Timestamp of code signing is before 25 Aug 2015 08:51 UTC | affected |
Weaknesses
- Untrusted search path vulnerability
ADP Enrichment
CVE Program Container
Additional References
- https://jvn.jp/en/jp/JVN09769017/index.html
- http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html
References
- https://jvn.jp/en/jp/JVN09769017/index.html
- http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.