CVE-2017-10848

HIGH

Fuji Xerox DocuWorks and DocuWorks Viewer Light < 8.0.7 - Untrusted Search Path

Title source: llm

Description

Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

References (2)

Core 2

Core References

Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn

https://jvn.jp/en/jp/JVN09769017/index.html

Vendor Advisory x_refsource_confirm

http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html

Scores

CVSS v3 7.8

EPSS 0.0106

EPSS Percentile 60.0%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-426

Status published

Products (4)

Fuji Xerox Co.,Ltd./Installer for DocuWorks 8.0.7 and earlier

Fuji Xerox Co.,Ltd./Installer for DocuWorks Viewer Light published in Jul 2017 and earlier

fujixerox/docuworks < 8.0.7

fujixerox/docuworks_viewer_light < 8.0.7

Published Sep 01, 2017

Tracked Since Feb 18, 2026