{"containers": {"cna": {"affected": [{"product": "Music Center for PC", "vendor": "Sony Video & Sound Products Inc.", "versions": [{"status": "affected", "version": "version 1.0.00"}]}], "datePublic": "2017-11-22T00:00:00", "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}], "problemTypes": [{"descriptions": [{"description": "Untrusted search path vulnerability", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-01T13:57:01", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert"}, "references": [{"name": "JVN#08517069", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "https://jvn.jp/en/jp/JVN08517069/index.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "vultures@jpcert.or.jp", "ID": "CVE-2017-10892", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Music Center for PC", "version": {"version_data": [{"version_value": "version 1.0.00"}]}}]}, "vendor_name": "Sony Video & Sound Products Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Untrusted search path vulnerability"}]}]}, "references": {"reference_data": [{"name": "JVN#08517069", "refsource": "JVN", "url": "https://jvn.jp/en/jp/JVN08517069/index.html"}]}}}}, "cveMetadata": {"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2017-10892", "datePublished": "2017-12-01T14:00:00", "dateReserved": "2017-07-04T00:00:00", "dateUpdated": "2017-12-01T13:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sony:music_center:1.0.00:*:*:*:*:*:*:*", "matchCriteriaId": "5E2E2944-6F6E-4ABB-9705-95BF656EF58D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Untrusted search path vulnerability in Music Center for PC version 1.0.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory."}, {"lang": "es", "value": "Una vulnerabilidad de ruta de b\u00fasqueda no fiable en Music Center for PC en sus versiones 1.0.00 permite que un atacante consiga privilegios utilizando un archivo DLL troyano en un directorio no especificado."}], "id": "CVE-2017-10892", "lastModified": "2017-12-14T15:28:00.443", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-12-01T14:29:00.320", "references": [{"source": "vultures@jpcert.or.jp", "tags": ["Issue Tracking", "Third Party Advisory", "VDB Entry"], "url": "https://jvn.jp/en/jp/JVN08517069/index.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}