AKABEi SOFT2 games allow remote attackers to execute arbitrary OS commands via crafted saved data, as demonstrated by Happy Wardrobe.
References
Link | Resource |
---|---|
http://jvn.jp/en/jp/JVN85213412/995740/index.html | Third Party Advisory VDB Entry |
http://jvndb.jvn.jp/jvndb/JVNDB-2016-000154 | Third Party Advisory VDB Entry |
http://jvn.jp/en/jp/JVN85213412/index.html | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/92700 | Third Party Advisory VDB Entry |
Configurations
Information
Published : 2016-09-01 18:59
Updated : 2017-09-07 19:08
NVD link : CVE-2016-4853
Mitre link : CVE-2016-4853
JSON object : View
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Products Affected
akabei_soft2
- happy_wardrobe