Vulnerability Details : CVE-2016-4831
Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
Products affected by CVE-2016-4831
- cpe:2.3:a:linecorp:line:*:*:*:*:*:windows:*:*
- cpe:2.3:a:linecorp:line_installer:*:*:*:*:*:windows:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4831
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4831
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
|
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2016-4831
-
http://jvn.jp/en/jp/JVN51565015/index.html
JVN#51565015: LINE for Windows may insecurely load Dynamic Link LibrariesVendor Advisory
-
http://www.securityfocus.com/bid/91671
LINE CVE-2016-4831 Remote Code Execution Vulnerability
-
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000123
JVNDB-2016-000123 - JVN iPedia - 脆弱性対策情報データベースVendor Advisory
-
http://linecorp.com/ja/security/article/61
【脆弱性情報】LINE PC版(Windows)の脆弱性と修正完了に関するお知らせ | LINE Corporation | セキュリティ&プライバシー
Jump to