VYPR

E Tax

by Nta

CVEs (4)

  • CVE-2024-47045HigSep 26, 2024
    risk 0.51cvss 7.8epss 0.00

    Privilege chaining issue exists in the installer of e-Tax software(common program). If this vulnerability is exploited, a malicious DLL prepared by an attacker may be executed with higher privileges than the application privilege.

  • CVE-2017-2226HigJul 7, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB version) (1.17.1) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2017-2215HigJul 7, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2023-46802Nov 6, 2023
    risk 0.00cvss epss 0.00

    e-Tax software Version3.0.10 and earlier improperly restricts XML external entity references (XXE) due to the configuration of the embedded XML parser. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker.