CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2157

Untrusted search path vulnerability in installers for The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)", The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier that were available until April 27, 2017 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.3%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 4.4

References

Products affected by CVE-2017-2157

Jpki » The Public Certification Service For Individuals » Version: N/A

cpe:2.3:a:jpki:the_public_certification_service_for_individuals:-
Jpki » The Public Certification Service For Individuals » Version: 2.6

cpe:2.3:a:jpki:the_public_certification_service_for_individuals:2.6
Jpki » The Public Certification Service For Individuals » Version: 3.0.1

cpe:2.3:a:jpki:the_public_certification_service_for_individuals:3.0.1
Jpki » The Public Certification Service For Individuals » Version: 3.1

cpe:2.3:a:jpki:the_public_certification_service_for_individuals:3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-2157

Products

Pricing

Contact Us