Published: 2017/11/14  Last Updated: 2017/11/14

JVN#18420340
Multiple vulnerabilities in BOOK WALKER for Windows/Mac

Overview

BOOK WALKER for Windows/Mac provided by BOOK WALKER Co.,Ltd. contain multiple vulnerabilities.

Products Affected

・CVE-2017-10887
  BOOK WALKER for Windows Ver.1.2.9 and earlier

・CVE-2017-10888
  BOOK WALKER for Windows Ver.1.2.9 and earlier
  BOOK WALKER for Mac Ver.1.2.5 and earlier

Description

BOOK WALKER for Windows/Mac, provided by BOOK WALKER Co.,Ltd., are applications for viewing e-books. The installer of BOOK WALKER for Windows contains a vulnerability that may lead to Dynamic Link Libraries being loaded insecurely (a DLL placed in the directory from which the installer is run may be loaded in preference to the intended library).
BOOK WALKER for Windows/Mac also contain a vulnerability that may lead to information disclosure when a specially crafted file is read.

  • DLL preloading vulnerability (CWE-427) - CVE-2017-10887
    CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Base Score: 7.8
    CVSS v2 AV:N/AC:M/Au:N/C:P/I:P/A:P Base Score: 6.8
  • Information disclosure vulnerability (CWE-200) - CVE-2017-10888
    CVSS v3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Base Score: 5.5
    CVSS v2 AV:N/AC:M/Au:N/C:C/I:N/A:N Base Score: 7.1

Impact

  • Arbitrary code may be executed with the privilege of the user invoking the installer. - CVE-2017-10887
  • An arbitrary local file may be read by an attacker, which may result in information disclosure. - CVE-2017-10888

Solution

Solution for CVE-2017-10887:
Use the latest installer
When installing BOOK WALKER for Windows for the first time, be sure to use the latest installer according to the information provided by the developer.
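Using the latest installer fixes the application side; a complementary defender-side check is to make sure the directory an installer is launched from contains no DLLs, since the Windows DLL search order consults the application's own directory before the system directories. The following is an added example (not part of the advisory or the vendor's software) that models that search order with a case-insensitive lookup and reports DLLs beside an installer that would shadow a same-named system DLL. The directory layout, `setup.exe`, `version.dll` and the `System32` stand-in are all constructed for the demonstration.

```python
"""Pre-launch hygiene check for installer DLL preloading (CWE-427).

Added example, not part of the JVN advisory or the vendor's software.
Models the default Windows DLL search order (application directory
first, then system directories) to show why a DLL sitting next to a
downloaded installer is resolved before the system copy, and gives a
check to run before launching an installer from a download folder.
"""
import tempfile
from pathlib import Path
from typing import List, Optional, Tuple


def search_order(app_dir: str, system_dirs: List[str]) -> List[str]:
    """Simplified Windows DLL search order: application directory first."""
    return [app_dir] + list(system_dirs)


def find_in_dir(directory: str, name: str) -> Optional[str]:
    """Case-insensitive file lookup, mirroring Windows file-name semantics."""
    for p in Path(directory).iterdir():
        if p.is_file() and p.name.lower() == name.lower():
            return str(p)
    return None


def resolve_dll(name: str, order: List[str]) -> Optional[str]:
    """Return the first path in the search order holding `name`, or None."""
    for d in order:
        hit = find_in_dir(d, name)
        if hit:
            return hit
    return None


def dlls_beside(exe_path: str) -> List[str]:
    """DLL files in the same directory as the executable (sorted by name)."""
    app_dir = Path(exe_path).parent
    return sorted(p.name for p in app_dir.iterdir()
                  if p.is_file() and p.suffix.lower() == ".dll")


def shadowed_system_dlls(exe_path: str, system_dirs: List[str]) -> List[str]:
    """DLLs beside the installer that win over a same-named system DLL.

    Any such file should be treated as a blocker: move the installer to a
    clean, empty directory before running it.
    """
    app_dir = str(Path(exe_path).parent)
    order = search_order(app_dir, system_dirs)
    hits = []
    for name in dlls_beside(exe_path):
        in_system = any(find_in_dir(d, name) for d in system_dirs)
        resolved = resolve_dll(name, order)
        if in_system and resolved and Path(resolved).parent == Path(app_dir):
            hits.append(name)
    return hits


def build_demo() -> Tuple[str, List[str]]:
    """Construct a sample layout (constructed data, not a real system):
    a stand-in System32 with version.dll, and a Downloads folder holding
    the installer plus a same-named DLL."""
    root = Path(tempfile.mkdtemp(prefix="dllcheck_"))
    system32 = root / "System32"
    system32.mkdir()
    (system32 / "version.dll").write_bytes(b"system copy")       # constructed
    downloads = root / "Downloads"
    downloads.mkdir()
    installer = downloads / "setup.exe"
    installer.write_bytes(b"MZ")                                  # constructed stub
    (downloads / "VERSION.dll").write_bytes(b"untrusted copy")    # constructed
    return str(installer), [str(system32)]


if __name__ == "__main__":
    exe, sysdirs = build_demo()
    print("DLLs beside installer:", dlls_beside(exe))
    print("Would shadow a system DLL:", shadowed_system_dlls(exe, sysdirs))
```

On the constructed layout the check reports `VERSION.dll` as shadowing the system copy, which is exactly the condition the advisory's "use the latest installer" guidance and the referenced JVNTA#91240916 note are concerned with; a clean directory makes `dlls_beside` return an empty list.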

Solution for CVE-2017-10888:
Update the software
Update to the latest version according to the information provided by the developer.

Vendor Status

Vendor                 Status       Last Update   Vendor Notes
BOOK WALKER Co.,Ltd.   Vulnerable   2017/11/14    BOOK WALKER Co.,Ltd. website

References

  1. Japan Vulnerability Notes JVNTA#91240916
    Insecure DLL Loading and Command Execution Issues on Many Windows Application Programs

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Yuji Tounai of NTT Communications Corporation reported these vulnerabilities to IPA.
JPCERT/CC coordinated with the developer under the Information Security Early Warning Partnership.

Other Information

CVE         CVE-2017-10887
            CVE-2017-10888
JVN iPedia  JVNDB-2017-000237