... Loading ...

SSD Secure Disclosure

Disclosing vulnerabilities responsibly since 2007

SSD Advisory – LINE Corporation URI Handlers Remote Commands Execution

Vulnerabilities Summary LINE for Windows provided by LINE Corporation specifies the path to read DLL when launching software. A user clicking on a specially crafted link, can use this vulnerability to cause the user to insecurely load an arbitrary DLL which can be used to cause arbitrary code execution. Vendor Response “We released version 5.8.0 […]

SSD Advisory – ZTE uSmartView DLL Hijacking

Vulnerability summary The following advisory describes an DLL Hijacking found in ZTE uSmartView. ZTE uSmartView offers: “ZTE provides full series of cloud computing products (including cloud terminals, cloud desktops, virtualization software, and cloud storage products) and end-to-end integrated product, which can be applied to different scenarios such as office, training classroom, multimedia classroom, and business […]