Published:
2017/07/24
Last Updated:
2017/07/24
Information from Kiri
Vulnerability ID:JVN#17523256
Title:Installer of Tween may insecurely load Dynamic Link Libraries
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
The installer of Tween 1.6.6.0 or earlier has vulnerability of DLL loading without intent.
When this vulnerability is used for bad ends, a malicious third person will execute any code on installer startup.
This vulnerability only affects on installer startup, so Tween already installed does not have the problem.
