Vulnerabilites related to justsystems - ichitaro
CVE-2014-2003 (GCVE-0-2014-2003)
Vulnerability from cvelistv5
Published
2014-06-16 14:00
Modified
2024-08-06 09:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-2003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js14002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"name": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-2003",
"datePublished": "2014-06-16T14:00:00",
"dateReserved": "2014-02-17T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7247 (GCVE-0-2014-7247)
Vulnerability from cvelistv5
Published
2014-11-26 02:00
Modified
2024-08-06 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-26T02:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#16318793",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"name": "http://www.justsystems.com/jp/info/js14003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-7247",
"datePublished": "2014-11-26T02:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0269 (GCVE-0-2012-0269)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-09-16 19:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-27T18:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09619876",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2012-0269",
"datePublished": "2012-04-27T18:00:00Z",
"dateReserved": "2011-12-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:01:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4737 (GCVE-0-2009-4737)
Vulnerability from cvelistv5
Published
2010-04-06 22:00
Modified
2024-08-07 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"name": "http://www.justsystems.com/jp/info/js09002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"name": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4737",
"datePublished": "2010-04-06T22:00:00",
"dateReserved": "2010-03-23T00:00:00",
"dateUpdated": "2024-08-07T07:17:25.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2789 (GCVE-0-2017-2789)
Vulnerability from cvelistv5
Published
2017-02-24 22:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- remote code execution
Summary
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:12",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0196/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2789",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-3919 (GCVE-0-2008-3919)
Vulnerability from cvelistv5
Published
2008-09-04 18:00
Modified
2024-08-07 10:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:00:41.103Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-2447",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2447"
},
{
"name": "30828",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30828"
},
{
"name": "31603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31603"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/pd8002.html"
},
{
"name": "ichitaro-jtd-code-execution(44681)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44681"
},
{
"name": "1020748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020748"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-08-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-2447",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2447"
},
{
"name": "30828",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30828"
},
{
"name": "31603",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31603"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/pd8002.html"
},
{
"name": "ichitaro-jtd-code-execution(44681)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44681"
},
{
"name": "1020748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020748"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3919",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-2447",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2447"
},
{
"name": "30828",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30828"
},
{
"name": "31603",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31603"
},
{
"name": "http://www.justsystems.com/jp/info/pd8002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/pd8002.html"
},
{
"name": "ichitaro-jtd-code-execution(44681)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44681"
},
{
"name": "1020748",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020748"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3919",
"datePublished": "2008-09-04T18:00:00",
"dateReserved": "2008-09-04T00:00:00",
"dateUpdated": "2024-08-07T10:00:41.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2790 (GCVE-0-2017-2790)
Vulnerability from cvelistv5
Published
2017-02-24 22:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- remote code execution
Summary
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:13",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0197/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2790",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0707 (GCVE-0-2013-0707)
Vulnerability from cvelistv5
Published
2013-03-01 02:00
Modified
2024-09-16 19:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-01T02:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-0707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2013-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-0707",
"datePublished": "2013-03-01T02:00:00Z",
"dateReserved": "2012-12-28T00:00:00Z",
"dateUpdated": "2024-09-16T19:35:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2791 (GCVE-0-2017-2791)
Vulnerability from cvelistv5
Published
2017-02-24 22:00
Modified
2024-08-05 14:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- remote code execution
Summary
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Version: n/a |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:15",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0199/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2791",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3916 (GCVE-0-2010-3916)
Vulnerability from cvelistv5
Published
2010-11-05 22:00
Modified
2024-08-07 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#01948274",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN01948274/index.html"
},
{
"name": "ichitaro-unspec-code-exec(62998)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62998"
},
{
"name": "42099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "44637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "69021",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69021"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"name": "JVNDB-2010-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#01948274",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN01948274/index.html"
},
{
"name": "ichitaro-unspec-code-exec(62998)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62998"
},
{
"name": "42099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "44637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "69021",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69021"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"name": "JVNDB-2010-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#01948274",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN01948274/index.html"
},
{
"name": "ichitaro-unspec-code-exec(62998)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62998"
},
{
"name": "42099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42099"
},
{
"name": "http://www.ipa.go.jp/about/press/20101104_2.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "44637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "69021",
"refsource": "OSVDB",
"url": "http://osvdb.org/69021"
},
{
"name": "http://www.justsystems.com/jp/info/js10003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"name": "JVNDB-2010-000053",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2010-3916",
"datePublished": "2010-11-05T22:00:00",
"dateReserved": "2010-10-12T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.263Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1331 (GCVE-0-2011-1331)
Vulnerability from cvelistv5
Published
2011-07-18 22:00
Modified
2024-08-06 22:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:21:34.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44956",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"name": "http://www.justsystems.com/jp/info/js11001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"name": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-1331",
"datePublished": "2011-07-18T22:00:00",
"dateReserved": "2011-03-09T00:00:00",
"dateUpdated": "2024-08-06T22:21:34.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3644 (GCVE-0-2013-3644)
Vulnerability from cvelistv5
Published
2013-06-18 18:45
Modified
2024-09-17 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-18T18:45:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js13002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3644",
"datePublished": "2013-06-18T18:45:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:46:11.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-3915 (GCVE-0-2010-3915)
Vulnerability from cvelistv5
Published
2010-11-05 22:00
Modified
2024-08-07 03:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:26:12.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2010-000052",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html"
},
{
"name": "42099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "JVN#19173793",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN19173793/index.html"
},
{
"name": "44637",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "ichitaro-unspecified-code-exec(62997)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62997"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed"
},
{
"name": "69020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/69020"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2885"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2010-000052",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html"
},
{
"name": "42099",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "JVN#19173793",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN19173793/index.html"
},
{
"name": "44637",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "ichitaro-unspecified-code-exec(62997)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62997"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed"
},
{
"name": "69020",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/69020"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2885"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2010-3915",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2010-000052",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html"
},
{
"name": "42099",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42099"
},
{
"name": "http://www.ipa.go.jp/about/press/20101104_2.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"name": "JVN#19173793",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN19173793/index.html"
},
{
"name": "44637",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"name": "ichitaro-unspecified-code-exec(62997)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62997"
},
{
"name": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed"
},
{
"name": "69020",
"refsource": "OSVDB",
"url": "http://osvdb.org/69020"
},
{
"name": "http://www.justsystems.com/jp/info/js10003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"name": "ADV-2010-2885",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2885"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2010-3915",
"datePublished": "2010-11-05T22:00:00",
"dateReserved": "2010-10-12T00:00:00",
"dateUpdated": "2024-08-07T03:26:12.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5990 (GCVE-0-2013-5990)
Vulnerability from cvelistv5
Published
2013-11-13 15:00
Modified
2024-09-16 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-13T15:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-5990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44999463",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-5990",
"datePublished": "2013-11-13T15:00:00Z",
"dateReserved": "2013-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T18:13:36.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1424 (GCVE-0-2010-1424)
Vulnerability from cvelistv5
Published
2010-04-15 21:12
Modified
2024-09-16 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.011Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#98467259",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98467259/index.html"
},
{
"name": "JVNDB-2010-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html"
},
{
"name": "63651",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63651"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js10001.html"
},
{
"name": "ADV-2010-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0854"
},
{
"name": "1023844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023844"
},
{
"name": "39256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39256"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-04-15T21:12:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#98467259",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98467259/index.html"
},
{
"name": "JVNDB-2010-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html"
},
{
"name": "63651",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63651"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js10001.html"
},
{
"name": "ADV-2010-0854",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0854"
},
{
"name": "1023844",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023844"
},
{
"name": "39256",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39256"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#98467259",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98467259/index.html"
},
{
"name": "JVNDB-2010-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html"
},
{
"name": "63651",
"refsource": "OSVDB",
"url": "http://osvdb.org/63651"
},
{
"name": "http://www.justsystems.com/jp/info/js10001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js10001.html"
},
{
"name": "ADV-2010-0854",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0854"
},
{
"name": "1023844",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023844"
},
{
"name": "39256",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39256"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1424",
"datePublished": "2010-04-15T21:12:00Z",
"dateReserved": "2010-04-15T00:00:00Z",
"dateUpdated": "2024-09-16T18:54:19.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1242 (GCVE-0-2012-1242)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-08-06 18:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81472",
"refsource": "OSVDB",
"url": "http://osvdb.org/81472"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-1242",
"datePublished": "2012-04-27T18:00:00",
"dateReserved": "2012-02-21T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2152 (GCVE-0-2010-2152)
Vulnerability from cvelistv5
Published
2010-06-03 16:00
Modified
2024-08-07 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:07.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40008"
},
{
"name": "http://www.justsystems.com/jp/info/js10002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"refsource": "OSVDB",
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"name": "http://www.ipa.go.jp/about/press/20100601.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2152",
"datePublished": "2010-06-03T16:00:00",
"dateReserved": "2010-06-03T00:00:00",
"dateUpdated": "2024-08-07T02:25:07.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, unicamente Jump 4, unicamente Frontier, y oreplug que permite a usuarios locales obtener privilegios a traves de un DLL troyanizado en el directorio actual de trabajo."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2012-1242",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.987",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/81472"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-11-06 00:00
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3916."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro y de Ichitaro Government permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento modificado. Se trata de una vulnerabilidad diferente de CVE-2010-3916."
}
],
"id": "CVE-2010-3915",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-06T00:00:02.483",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN19173793/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/69020"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://secunia.com/advisories/42099"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62997"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN19173793/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/connect/blogs/new-ichitaro-vulnerability-confirmed"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62997"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-26 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| vultures@jpcert.or.jp | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:*:government:*:*:*:*:*",
"matchCriteriaId": "200F0514-22F5-42A1-BBE6-9F8FE35D0C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:*:government:*:*:*:*:*",
"matchCriteriaId": "7958FBA3-C4E5-464B-BE73-DDC26FA003CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:government:*:*:*:*:*",
"matchCriteriaId": "A358E678-D446-44D6-A14B-C53ABE9D4399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:government:*:*:*:*:*",
"matchCriteriaId": "DFE28E8A-8633-4C3B-A6D0-C7A46E39500F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:government:*:*:*:*:*",
"matchCriteriaId": "15F3A9BD-622B-41DC-BB6A-D33C349F01AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:sou:*:*:*:*:*",
"matchCriteriaId": "F3158006-A67C-4F76-A235-A9EA142C31C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu:*:*:*",
"matchCriteriaId": "12FF0771-1475-4F22-9CFD-997EC6030087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu_trial:*:*:*",
"matchCriteriaId": "396E4DE7-0F55-45E3-8269-DE0835C0F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:trial:*:*:*:*:*",
"matchCriteriaId": "BF10D9D2-9D3B-4D54-A8E4-DEABB2D8C159",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro 2008 hasta 2011; Ichitaro Government 6, 7, 2008, 2009, y 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; y Ichitaro 2014 Tetsu permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero manipulado."
}
],
"id": "CVE-2014-7247",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-26T02:59:02.637",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-16 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * | |
| justsystems | ichitaro | 10 | |
| justsystems | ichitaro | 11 | |
| justsystems | ichitaro | 12 | |
| justsystems | ichitaro | 13 | |
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | just_online_update | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4144834-782B-492F-B935-F036A5C26902",
"versionEndIncluding": "2014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:10:*:*:*:*:*:*:*",
"matchCriteriaId": "64910A2D-4EFD-4435-B021-A47E5CA10901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:11:*:*:*:*:*:*:*",
"matchCriteriaId": "F3255951-1684-4F78-9AA8-0721D43C4E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:12:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1D2069-D1F4-4F31-8B78-9768F43EF847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:*",
"matchCriteriaId": "9D65FA81-F110-4C21-8BD4-1A14BFFC7730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:trial:*:*:*:*:*",
"matchCriteriaId": "B5B023D0-C271-45B2-82D9-9AD4D800893E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_online_update:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F6290F-EB66-4423-8F54-436BBC547547",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
},
{
"lang": "es",
"value": "JustSystems JUST Online Update, utilizado en Ichitaro hasta 2014 y otros productos, no valida debidamente firmas de m\u00f3dulos de actualizaci\u00f3n, lo que permite a atacantes remotos falsificar m\u00f3dulos y ejecutar c\u00f3digo arbitrario a trav\u00e9s de una firma manipulada."
}
],
"id": "CVE-2014-2003",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-16T14:55:05.457",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-18 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable | * | |
| justsystems | ichitaro_pro | * | |
| justsystems | ichitaro_viewer | * | |
| justsystems | ichitaro_viewer | 5.1.3.0 | |
| justsystems | ichitaro_viewer | 19.0.1.0 | |
| justsystems | ichitaro_viewer | 19.0.2.0 | |
| justsystems | ichitaro_viewer | 19.0.3.0 | |
| justsystems | ichitaro_viewer | 20.0.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF040552-87C3-40B5-AA54-950207AB387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6622EC-6ACF-4A02-BDF8-70C0EFD4471A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB0BAF8-1958-4CA5-801F-BE36FA327726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:5.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B34749C6-8E19-47B2-B5F7-0F98B122FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D726C33-139F-4514-BDFC-FE8F046B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6BBB43-6E50-4E6F-80A3-217A431D9A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A008907-514E-4924-953C-3F09329CF26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CAFFC5-453F-49DD-8A71-8FB98C045A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
},
{
"lang": "es",
"value": "JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro port\u00e1til, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria heap ) a trav\u00e9s de un documento manipulado, como se exploto a principios de 2011."
}
],
"id": "CVE-2011-1331",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-18T22:55:01.033",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-11-06 00:00
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary code via a crafted document, a different vulnerability than CVE-2010-3915."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro y Ichitaro Government permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un documento modificado. Se trata de una vulnerabilidad diferente de CVE-2010-3915."
}
],
"id": "CVE-2010-3916",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-11-06T00:00:02.530",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN01948274/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/69021"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://secunia.com/advisories/42099"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62998"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN01948274/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/69021"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/42099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/about/press/20101104_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/2885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62998"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-18 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_just_school | - | |
| justsystems | ichitaro_portable | - | |
| justsystems | ichitaro_viewer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BE6AD-DE66-46BE-BD71-539920232A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "42893B53-DD23-4F49-99C1-CB8A02595002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E865201A-38FA-4D81-9FB4-227F6FE4AA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug:*:*:*:*:*:*",
"matchCriteriaId": "9DD0D5AC-5B8D-44FF-9E83-52F79775883C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en JustSystems Ichitaro 2006 a la 2013; Ichitaro Pro a la 2; Ichitaro Government 6, 7, y 2006 a la 2010; Ichitaro Portable con oreplug; Ichitaro Viewer; y Ichitaro JUST School a la 2010, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-3644",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-18T18:55:01.037",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystems.com/jp/info/js13002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-13 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_viewer | - | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:-:trial:*:*:*:*:*",
"matchCriteriaId": "1F022A8C-EA41-4B9F-B702-333A6ED3FE47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro hasta la versi\u00f3n 2011; Ichitaro Government 6, 7, y 2006 hasta la versi\u00f3n 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen y Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 y Pro 2 Trial Edition; Ichitaro Viewer; e Ichitaro Portable con oreplug permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-5990",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-13T15:55:03.847",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-15 21:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:trial:*:*:*:*:*",
"matchCriteriaId": "B5B023D0-C271-45B2-82D9-9AD4D800893E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:trial:*:*:*:*:*",
"matchCriteriaId": "62A23086-C131-4CD8-A762-AED574C71BDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro y Ichitaro Government v2006 hasta v2010 permite a atacantes asistidos por usuarios remotamente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero de fuentes modificado."
}
],
"id": "CVE-2010-1424",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-15T21:30:00.337",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN98467259/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/63651"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39256"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023844"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN98467259/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0854"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-03 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | just_school | 2008 | |
| justsystems | just_school | 2009 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:just_school:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A10D07-C5AA-4724-905A-9BC355E13471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
},
{
"lang": "es",
"value": "Vulnerabilidad sin expecificar de JustSystems Ichitaro 2004 hasta 2009, Ichitaro Government 2006 hasta 2009, y Just School 2008 y 2009 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionado con \"el procesamiento de los atributos de las caracter\u00edsticas de un producto\" para un documento."
}
],
"id": "CVE-2010-2152",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-06-03T16:30:01.710",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/65050"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40008"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/65050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-24 22:59
Modified
2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "Cuando se copian datos de archivos en un b\u00fafer, JustSystems Ichitaro Office 2016 Trial calcular\u00e1 dos valores para determinar cuantos datos copiar desde el documento. Si ambos valores son m\u00e1s grandes que el tama\u00f1o del b\u00fafer, la aplicaci\u00f3n escoger\u00e1 el m\u00e1s peque\u00f1o de los dos y confiar\u00e1 en \u00e9l para copiar datos desde el archivo. Este valor es mayor que el tama\u00f1o de b\u00fafer, lo que conduce a un desbordamiento de b\u00fafer basado en memoria din\u00e1mica. Este desbordamiento corrompe un desplazamiento en la memoria din\u00e1mica utilizada en la aritm\u00e9tica de puntero para escribir datos y puede conducir a ejecuci\u00f3n de c\u00f3digo bajo el contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2789",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.153",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-06 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 13 | |
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | bungei | |
| justsystems | ichitaro_viewer | 19.0.1.0 | |
| justsystems | ichitaro_viewer | 20.0.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:*",
"matchCriteriaId": "9D65FA81-F110-4C21-8BD4-1A14BFFC7730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:trial:*:*:*:*:*",
"matchCriteriaId": "B5B023D0-C271-45B2-82D9-9AD4D800893E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:bungei:*:*:*:*:*:*:*",
"matchCriteriaId": "BABEE82A-8A24-4F87-9AF5-87B81217C378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D726C33-139F-4514-BDFC-FE8F046B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CAFFC5-453F-49DD-8A71-8FB98C045A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en JustSystems Corporation Ichitaro v13, desde v2004 hasta v2009, Viewer 2009 v19.0.1.0 y anteriores y otras versiones, permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de texto enriquecido manipulado (RTF), relacionado con \"pvpara ffooter.\""
}
],
"id": "CVE-2009-4737",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-06T22:30:00.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34611"
},
{
"source": "cve@mitre.org",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/53349"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/53349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-24 22:59
Modified
2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2016 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2016:*:*:*:trial:*:*:*",
"matchCriteriaId": "85413E71-5093-49EF-B949-4B8A62A237DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "JustSystems Ichitaro 2016 Trial contiene una vulnerabilidad que existe al tratar de abrir un archivo de PowerPoint especialmente manipulado. Debido al manejo incorrecto de la aplicaci\u00f3n del caso de error para el resultado de una funci\u00f3n, la aplicaci\u00f3n utilizar\u00e1 este resultado en un c\u00e1lculo de puntero para leer datos de archivo dentro. Debido a esto, la aplicaci\u00f3n leer\u00e1 datos desde un archivo dentro de una direcci\u00f3n no v\u00e1lida corrompiendo as\u00ed la memoria. Bajo las condiciones adecuadas, esto puede conducir a ejecuci\u00f3n de c\u00f3digo dentro del contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2791",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.213",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - | |
| justsystems | rekishimail_bakumatsushishi_no_missho | - | |
| justsystems | rekishimail_sengokubusho_no_missho | - | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken_pro | 4 | |
| justsystems | shuriken_pro | 4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_bakumatsushishi_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13D8C8AD-E46A-46B7-8B2F-574748B3422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_sengokubusho_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF7568E-0934-4C3E-9E6D-49DB97D7FD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7F8BF0-38EB-4C0B-8F82-D020FF29FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:-:corporate:*:*:*:*:*",
"matchCriteriaId": "4C8BF5EA-30CC-4140-9034-4B46D9F517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "E43932BE-3BE0-4EDF-81F4-303D5C7C890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:-:corporate:*:*:*:*:*",
"matchCriteriaId": "7FC4B58E-FACA-4019-81F6-EF4253A5964A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D64EDE94-7B0D-45B7-9E85-9EF4934A5920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D01417D2-7784-4971-86AF-BEE17F724D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "F98E0777-5F3E-43F8-BBDF-BD8513C2E0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:-:corporate:*:*:*:*:*",
"matchCriteriaId": "581E8D5B-D963-4882-8A5D-3FFD3B642B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:*:*:*:*:*:*:*",
"matchCriteriaId": "294B95A5-6BC7-45BE-9523-E6A2AFB187CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D530A3DE-669B-4BDC-9D3E-77010F18CEA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, \u00fanicamente Jump v4, \u00fanicamente Frontier, oreplug, Shuriken Pro4, Shuriken v2007 hasta v2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 hasta CE/2009 Corporate Edition, Shuriken v2010 Corporate Edition, Rekishimail Sengokubusho no missho, y Bakumatsushishi no missho que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero de imagen modificado."
}
],
"id": "CVE-2012-0269",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.937",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-02-24 22:59
Modified
2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "Cuando se procesa un tipo de registro de 0x3c flujo Workbookdesde un archivo Excel (.xls), JustSystems Ichitaro Office conf\u00eda que el tama\u00f1o es mayor que cero, substrae uno de la longitud, y utiliza este resultado como el tama\u00f1o de una memcpy. Esto resulta en un desbordamiento de b\u00fafer basado en memoria din\u00e1mica y puede conducir a ejecuci\u00f3n de c\u00f3digo bajo el contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2790",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.200",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-03-01 05:40
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | hanako | 2006 | |
| justsystems | hanako | 2007 | |
| justsystems | hanako | 2008 | |
| justsystems | hanako | 2009 | |
| justsystems | hanako | 2010 | |
| justsystems | hanako | 2011 | |
| justsystems | hanako | 2012 | |
| justsystems | hanako | 2013 | |
| justsystems | hanako_police | - | |
| justsystems | hanako_police | 2010 | |
| justsystems | hanako_police3 | - | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro_portable | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:hanako:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "B99AFDF7-D3AE-4565-9AE2-85642724DC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "934D152B-FD10-418D-8C08-28BD45442B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA97A6-E654-4882-AFA5-6D5B404672D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE91EAC-860C-4E31-8DCE-4F7092B12250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCBC102-5EBD-4427-B741-40DF5EEB1AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1615FC-6D1D-4333-85E3-3C77F23EC2E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D9903B-4F6F-4D25-A5EB-3D4C5791B2F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "289D3E55-483B-407F-A1C9-5DCF21E14F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F075EDD-D4AE-48A1-AD62-D1F4E9FD2E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "361E77E7-DD90-4E3D-BFA7-3C48C7DED979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B9E254-5474-4615-BDBA-A9A8B2D009F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug:*:*:*:*:*:*",
"matchCriteriaId": "9DD0D5AC-5B8D-44FF-9E83-52F79775883C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en JustSystems Ichitaro v2006 y 2007, el Gobierno Ichitaro 2006 y 2007, Ichitaro port\u00e1til con oreplug, Hanako 2006 hasta 2013, Hanako Polic\u00eda, Polic\u00eda Hanako 3 y Hanako Police 2010 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2013-0707",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-03-01T05:40:17.647",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-04 18:41
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en m\u00faltiples productos de JustSystems Ichitaro, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un documento JTD manipulado; como se ha explotado libremente en agosto del 2008."
}
],
"id": "CVE-2008-3919",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-09-04T18:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31603"
},
{
"source": "cve@mitre.org",
"url": "http://www.justsystems.com/jp/info/pd8002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/30828"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020748"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2447"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystems.com/jp/info/pd8002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/30828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44681"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}