CVE-2017-2253
published 2017-07-17CVE-2017-2253: Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017…
PriorityP432high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
1.08%
60.9th percentile
Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yahoo | toolbar | <= 8.0.0.6 | — |
| yahoo_japan_corporation | installer_of_yahoo!_toolbar | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
docker-registry vulnerabilities
osv·2023-09-05·CVSS 7.5
CVE-2017-11468 docker-registry vulnerabilities
docker-registry vulnerabilities
It was discovered that Docker Registry incorrectly handled certain crafted
input, A remote attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11468)
It was discovered that Docker Registry incorrectly handled certain crafted
input. An attacker could possibly use this issue to cause a denial of
service. (CVE-2023-2253)
GHSA
GHSA-fq5g-2r8v-wmh7: Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8
ghsa_unreviewed·2022-05-17
CVE-2017-2253 [HIGH] CWE-426 GHSA-fq5g-2r8v-wmh7: Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8
Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-07-17
Published