Details of VAR-201709-0219

ID

VAR-201709-0219

CVE

CVE-2017-10850

TITLE

In multiple products manufactured by Fuji Xerox Co., Ltd. DLL Read vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2017-000219

DESCRIPTION

Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Installers for multiple products provided by Fuji Xerox Co., Ltd. DocuWorks For self-extracting documents, DLL There is a problem with the search path when reading or executing a self-extracting document, which is unintended. DLL Reading vulnerability (CWE-427) Exists. This vulnerability information is based on the Information Security Early Warning Partnership. IPA Report to JPCERT/CC Coordinated with the developers. Reporter : Tachibana Research Institute Hidetoshi Masami MrThe expected impact depends on each vulnerability, but it may be affected as follows. -Arbitrary code is executed with administrator privileges when the installer is started. - CVE-2017-10848, CVE-2017-10850, CVE-2017-10851 ・ DocuWorks Arbitrary code is executed with the authority of the user who executed the self-extracting document - CVE-2017-10849. FujiXeroxDocuCentre-VI and ApeosPort-VI are digital copier PCL print drivers. There are several untrusted search path vulnerabilities in the FujiXerox product installer. Allows an attacker to gain privileges by logging in an unknown Trojan DLL directory

Trust: 2.16

sources: NVD: CVE-2017-10850 // JVNDB: JVNDB-2017-000219 // CNVD: CNVD-2017-30714

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-30714

AFFECTED PRODUCTS

vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c6671	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c4471	Trust: 1.0
vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c7771	Trust: 1.0
vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c2271	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c5571	Trust: 1.0
vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c3371	Trust: 1.0
vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c4471	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c6671	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c7771	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c3371	Trust: 1.0
vendor:	fujifilm	model:	apeosport-vi	scope:	eq	version:	c2271	Trust: 1.0
vendor:	fujifilm	model:	docucentre-vi	scope:	eq	version:	c5571	Trust: 1.0
vendor:	富士ゼロックス株式会社	model:	contentsbridge utility	scope:	-	version:	-	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docuworks viewer light	scope:	-	version:	-	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	apeosport-vi	scope:	-	version:	-	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docucentre-vi	scope:	eq	version:	c7771/c6671/c5571/c4471/c3371/c2271 for art ex driver installer ( digitally signed time stamp is japan time 2017 year 4 moon 12 day 11:04 before )(cve-2017-10850)	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docucentre-vi	scope:	eq	version:	c7771/c6671/c5571/c4471/c3371/c2271 for postscript driver microsoft pscript for + function addition plugin + ppd file installer ( digitally signed time stamp is japan time 2017 year 4 moon 12 day 11:10 before )(cve-2017-10850)	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docucentre-vi	scope:	eq	version:	c7771/c6671/c5571/c4471/c3371/c2271 for xps supported driver installer ( digitally signed time stamp is japan time 2016 year 11 moon 4 day 08:48 before )(cve-2017-10850)	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docucentre-vi	scope:	eq	version:	c7771/c6671/c5571/c4471/c3371/c2271 for art ex direct fax driver installer ( digitally signed time stamp is japan time 2017 year 5 moon 26 day 16:44 before )(cve-2017-10850)	Trust: 0.8
vendor:	富士ゼロックス株式会社	model:	docucentre-vi	scope:	eq	version:	c7771/c6671/c5571/c4471/c3371/c2271 configuration restore tool installer for ( digitally signed time stamp is japan time 2015 year 8 moon 25 day 17:51 before )(cve-2017-10850)	Trust: 0.8
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c2271	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c3371	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c4471	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c5571	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c6671	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. docucentre-vi c7771	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c2271	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c3371	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c4471	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c5571	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c6671	scope:	-	version:	-	Trust: 0.6
vendor:	fuji	model:	xerox co.,ltd. apeosport-vi c7771	scope:	-	version:	-	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c4471	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c2271	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c5571	Trust: 0.6
vendor:	fujixerox	model:	apeosport-vi	scope:	eq	version:	c3371	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c7771	Trust: 0.6
vendor:	fujixerox	model:	apeosport-vi	scope:	eq	version:	c2271	Trust: 0.6
vendor:	fujixerox	model:	apeosport-vi	scope:	eq	version:	c5571	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c6671	Trust: 0.6
vendor:	fujixerox	model:	apeosport-vi	scope:	eq	version:	c7771	Trust: 0.6
vendor:	fujixerox	model:	docucentre-vi	scope:	eq	version:	c3371	Trust: 0.6

sources: CNVD: CNVD-2017-30714 // JVNDB: JVNDB-2017-000219 // CNNVD: CNNVD-201709-028 // NVD: CVE-2017-10850

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-10850
value:	HIGH
Trust: 1.0
IPA:	JVNDB-2017-000219
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-30714
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201709-028
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2017-10850
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
IPA:	JVNDB-2017-000219
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2017-30714
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2017-10850
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
IPA:	JVNDB-2017-000219
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2017-30714 // JVNDB: JVNDB-2017-000219 // CNNVD: CNNVD-201709-028 // NVD: CVE-2017-10850

PROBLEMTYPE DATA

problemtype:	CWE-426	Trust: 1.0
problemtype:	Other (CWE-Other) [IPA Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2017-000219 // NVD: CVE-2017-10850

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201709-028

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201709-028

PATCH

title:	In the software provided by us DLL About read vulnerability	url:	https://www.fujifilm.com/fb/company/news/notice/2017/0831_rectification_work.html	Trust: 0.8
title:	Patches for multiple FujiXerox product installers untrusted search path vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/104093	Trust: 0.6
title:	Fuji Xerox ApeosPort-VI and DocuCentre-VI Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=147283	Trust: 0.6

sources: CNVD: CNVD-2017-30714 // JVNDB: JVNDB-2017-000219 // CNNVD: CNNVD-201709-028

EXTERNAL IDS

db:	NVD	id:	CVE-2017-10850	Trust: 3.0
db:	JVN	id:	JVN09769017	Trust: 3.0
db:	JVNDB	id:	JVNDB-2017-000219	Trust: 1.4
db:	CNVD	id:	CNVD-2017-30714	Trust: 0.6
db:	CNNVD	id:	CNNVD-201709-028	Trust: 0.6

sources: CNVD: CNVD-2017-30714 // JVNDB: JVNDB-2017-000219 // CNNVD: CNNVD-201709-028 // NVD: CVE-2017-10850

REFERENCES

url:	https://jvn.jp/en/jp/jvn09769017/index.html	Trust: 2.2
url:	http://www.fujixerox.co.jp/company/news/notice/2017/0831_rectification_work.html	Trust: 1.6
url:	https://jvn.jp/jp/jvn09769017/index.html	Trust: 0.8
url:	https://jvn.jp/ta/jvnta91240916/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-10848	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-10849	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-10850	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-10851	Trust: 0.8
url:	https://jvndb.jvn.jp/en/contents/2017/jvndb-2017-000219.html	Trust: 0.6

sources: CNVD: CNVD-2017-30714 // JVNDB: JVNDB-2017-000219 // CNNVD: CNNVD-201709-028 // NVD: CVE-2017-10850

SOURCES

db:	CNVD	id:	CNVD-2017-30714
db:	JVNDB	id:	JVNDB-2017-000219
db:	CNNVD	id:	CNNVD-201709-028
db:	NVD	id:	CVE-2017-10850

LAST UPDATE DATE

2025-04-20T23:22:12.304000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2017-30714	date:	2017-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2017-000219	date:	2021-04-12T04:30:00
db:	CNNVD	id:	CNNVD-201709-028	date:	2021-04-25T00:00:00
db:	NVD	id:	CVE-2017-10850	date:	2025-04-20T01:37:25.860

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2017-30714	date:	2017-10-19T00:00:00
db:	JVNDB	id:	JVNDB-2017-000219	date:	2017-08-31T00:00:00
db:	CNNVD	id:	CNNVD-201709-028	date:	2017-09-01T00:00:00
db:	NVD	id:	CVE-2017-10850	date:	2017-09-01T14:29:00.290