CVE-2017-2286
First published: Wed Aug 02 2017(Updated: )
Untrusted search path vulnerability in NFC Port Software Version 5.5.0.6 and earlier (for RC-S310, RC-S320, RC-S330, RC-S370, RC-S380, RC-S380/S), NFC Port Software Version 5.3.6.7 and earlier (for RC-S320, RC-S310/J1C, RC-S310/ED4C), PC/SC Activator for Type B Ver.1.2.1.0 and earlier, SFCard Viewer 2 Ver.2.5.0.0 and earlier, NFC Net Installer Ver.1.1.0.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Credit: vultures@jpcert.or.jp
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sony Nfc Port Firmware | <=5.5.0.6 | |
| Sony Rc-s310 | ||
| Sony Rc-s320 | ||
| Sony Rc-s330 | ||
| Sony Rc-s370 | ||
| Sony Rc-s380 | ||
| Sony Rc-s380\/s | ||
| Sony Nfc Port Firmware | <=5.3.6.7 | |
| Sony Rc-s310\/ed4c | ||
| Sony Rc-s310\/j1c | ||
| Sony Pc\/sc Activator For Type B | <=1.2.1.0 | |
| Sony Sfcard Viewer 2 | =2.5.0.0 | |
| Sony Nfc Net Installer | <=1.1.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/weakness
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sony
- canonical/sony nfc port firmware
- version/sony nfc port firmware/5.5.0.6
- canonical/sony rc-s310
- canonical/sony rc-s320
- canonical/sony rc-s330
- canonical/sony rc-s370
- canonical/sony rc-s380
- canonical/sony rc-s380\/s
- version/sony nfc port firmware/5.3.6.7
- canonical/sony rc-s310\/ed4c
- canonical/sony rc-s310\/j1c
- canonical/sony pc\/sc activator for type b
- version/sony pc\/sc activator for type b/1.2.1.0
- canonical/sony sfcard viewer 2
- version/sony sfcard viewer 2/2.5.0.0
- canonical/sony nfc net installer
- version/sony nfc net installer/1.1.0.0