High severity7.8NVD Advisory· Published Jun 9, 2017· Updated May 13, 2026

CVE-2017-2209

Description

Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18) and ver2.0 and later (For the first installation) (The versions which were available on the website prior to 2017 April 4) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Affected products

Santeikohyo/Installer Of Houkokusyo Sakusei Shien Tool3 versions
cpe:2.3:a:santeikohyo:installer_of_houkokusyo_sakusei_shien_tool:2.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:santeikohyo:installer_of_houkokusyo_sakusei_shien_tool:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:santeikohyo:installer_of_houkokusyo_sakusei_shien_tool:3.02:*:*:*:*:*:*:*
- cpe:2.3:a:santeikohyo:installer_of_houkokusyo_sakusei_shien_tool:3.03:*:*:*:*:*:*:*
Ministry of the Environment/Installer of Houkokusyo Sakusei Shien Toolv5
Range: ver3.0.2(For the first installation) (The version which was available on the website from 2017 April 4 to 2017 May 18)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jvn.jp/en/jp/JVN24087303/index.htmlnvdPatchThird Party AdvisoryVDB Entry
ghg-santeikohyo.env.go.jp/files/system/report_20170526.pdfnvdVendor Advisory
ghg-santeikohyo.env.go.jp/files/system/report_20170529_rev.pdfnvdVendor Advisory
ghg-santeikohyo.env.go.jp/toolnvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000