Vulnerabilites related to justsystems - ichitaro_pro
CVE-2011-1331 (GCVE-0-2011-1331)
Vulnerability from cvelistv5
Published
2011-07-18 22:00
Modified
2024-08-06 22:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:21:34.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44956",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"name": "http://www.justsystems.com/jp/info/js11001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"name": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-1331",
"datePublished": "2011-07-18T22:00:00",
"dateReserved": "2011-03-09T00:00:00",
"dateUpdated": "2024-08-06T22:21:34.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7247 (GCVE-0-2014-7247)
Vulnerability from cvelistv5
Published
2014-11-26 02:00
Modified
2024-08-06 12:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-26T02:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#16318793",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"name": "http://www.justsystems.com/jp/info/js14003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-7247",
"datePublished": "2014-11-26T02:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5990 (GCVE-0-2013-5990)
Vulnerability from cvelistv5
Published
2013-11-13 15:00
Modified
2024-09-16 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-13T15:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-5990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44999463",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-5990",
"datePublished": "2013-11-13T15:00:00Z",
"dateReserved": "2013-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T18:13:36.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-10870 (GCVE-0-2017-10870)
Vulnerability from cvelistv5
Published
2017-11-02 15:00
Modified
2024-08-05 17:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Memory Corrution vulnerability
Summary
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Justsystem | Rakuraku Hagaki |
Version: Rakuraku Hagaki 2018 Version: Rakuraku Hagaki 2017 Version: Rakuraku Hagaki 2016 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuraku Hagaki",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Rakuraku Hagaki 2018"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2017"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2016"
}
]
},
{
"product": "Rakuraku Hagaki Select for Ichitaro",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Ichitaro 2017"
},
{
"status": "affected",
"version": "Ichitaro 2016"
},
{
"status": "affected",
"version": "Ichitaro 2015"
},
{
"status": "affected",
"version": "Ichitaro Pro3"
},
{
"status": "affected",
"version": "Ichitaro Pro2"
},
{
"status": "affected",
"version": "Ichitaro Pro"
},
{
"status": "affected",
"version": "Ichitaro 2011"
},
{
"status": "affected",
"version": "Ichitaro Government 8"
},
{
"status": "affected",
"version": "Ichitaro Government 7"
},
{
"status": "affected",
"version": "Ichitaro Government 6"
},
{
"status": "affected",
"version": "Ichitaro 2017 Trial version"
}
]
}
],
"datePublic": "2017-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corrution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuraku Hagaki",
"version": {
"version_data": [
{
"version_value": "Rakuraku Hagaki 2018"
},
{
"version_value": "Rakuraku Hagaki 2017"
},
{
"version_value": "Rakuraku Hagaki 2016"
}
]
}
},
{
"product_name": "Rakuraku Hagaki Select for Ichitaro",
"version": {
"version_data": [
{
"version_value": "Ichitaro 2017"
},
{
"version_value": "Ichitaro 2016"
},
{
"version_value": "Ichitaro 2015"
},
{
"version_value": "Ichitaro Pro3"
},
{
"version_value": "Ichitaro Pro2"
},
{
"version_value": "Ichitaro Pro"
},
{
"version_value": "Ichitaro 2011"
},
{
"version_value": "Ichitaro Government 8"
},
{
"version_value": "Ichitaro Government 7"
},
{
"version_value": "Ichitaro Government 6"
},
{
"version_value": "Ichitaro 2017 Trial version"
}
]
}
}
]
},
"vendor_name": "Justsystem"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corrution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/vu/JVNVU93703434/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"name": "https://www.justsystems.com/jp/info/js17003.html",
"refsource": "MISC",
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10870",
"datePublished": "2017-11-02T15:00:00",
"dateReserved": "2017-07-04T00:00:00",
"dateUpdated": "2024-08-05T17:50:12.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2017-11-02 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/vu/JVNVU93703434/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://www.justsystems.com/jp/info/js17003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU93703434/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.justsystems.com/jp/info/js17003.html | Patch, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:easy_postcard_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "43B95CF5-78D5-491B-90FD-B43002411DF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:easy_postcard_2017:-:*:*:*:*:*:*:*",
"matchCriteriaId": "551A08CF-E245-44CC-92CF-9BE62A7CACA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:easy_postcard_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9E79413C-AA61-4B2B-AFE9-B1F893F156CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_2016:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5F17F103-DC14-4D8B-8A32-CF7ED342ECD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_2017:-:*:*:*:*:*:*:*",
"matchCriteriaId": "106BB10B-1A4F-499A-A991-AD00D05C6B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_2017_trial_version:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CC06A952-DA96-4EC8-9D24-EDA7E165213C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_2018:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2699F59E-EA1D-4993-A7F2-B38422F22337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_government_6:-:*:*:*:*:*:*:*",
"matchCriteriaId": "67A9CFDA-35F0-4137-BFCA-FFEF838C1F8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_government_7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4E7EB947-83F9-4A48-91A1-A213740E53F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_government_8:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E401B098-6551-4101-9906-19C2AB7A5504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA3E1067-0D4D-4E60-AEDB-0C76BF91A6E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_2011:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C2DF91C4-4444-4F6A-9B72-FB4DD490A84C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "36AE4633-5418-4009-B51D-4A1F542B1A88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria en Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) y Rakuraku Hagaki Select para Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 e Ichitaro 2017 Trial version) permite que atacantes ejecuten c\u00f3digo arbitrario con privilegios de la aplicaci\u00f3n mediante archivos especialmente manipulados."
}
],
"id": "CVE-2017-10870",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-02T15:29:00.243",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-13 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_viewer | - | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:-:trial:*:*:*:*:*",
"matchCriteriaId": "1F022A8C-EA41-4B9F-B702-333A6ED3FE47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro hasta la versi\u00f3n 2011; Ichitaro Government 6, 7, y 2006 hasta la versi\u00f3n 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen y Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 y Pro 2 Trial Edition; Ichitaro Viewer; e Ichitaro Portable con oreplug permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-5990",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-13T15:55:03.847",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-18 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable | * | |
| justsystems | ichitaro_pro | * | |
| justsystems | ichitaro_viewer | * | |
| justsystems | ichitaro_viewer | 5.1.3.0 | |
| justsystems | ichitaro_viewer | 19.0.1.0 | |
| justsystems | ichitaro_viewer | 19.0.2.0 | |
| justsystems | ichitaro_viewer | 19.0.3.0 | |
| justsystems | ichitaro_viewer | 20.0.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF040552-87C3-40B5-AA54-950207AB387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6622EC-6ACF-4A02-BDF8-70C0EFD4471A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB0BAF8-1958-4CA5-801F-BE36FA327726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:5.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B34749C6-8E19-47B2-B5F7-0F98B122FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D726C33-139F-4514-BDFC-FE8F046B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6BBB43-6E50-4E6F-80A3-217A431D9A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A008907-514E-4924-953C-3F09329CF26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CAFFC5-453F-49DD-8A71-8FB98C045A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
},
{
"lang": "es",
"value": "JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro port\u00e1til, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria heap ) a trav\u00e9s de un documento manipulado, como se exploto a principios de 2011."
}
],
"id": "CVE-2011-1331",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-18T22:55:01.033",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-11-26 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| vultures@jpcert.or.jp | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:*:government:*:*:*:*:*",
"matchCriteriaId": "200F0514-22F5-42A1-BBE6-9F8FE35D0C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:*:government:*:*:*:*:*",
"matchCriteriaId": "7958FBA3-C4E5-464B-BE73-DDC26FA003CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:government:*:*:*:*:*",
"matchCriteriaId": "A358E678-D446-44D6-A14B-C53ABE9D4399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:government:*:*:*:*:*",
"matchCriteriaId": "DFE28E8A-8633-4C3B-A6D0-C7A46E39500F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:government:*:*:*:*:*",
"matchCriteriaId": "15F3A9BD-622B-41DC-BB6A-D33C349F01AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:sou:*:*:*:*:*",
"matchCriteriaId": "F3158006-A67C-4F76-A235-A9EA142C31C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu:*:*:*",
"matchCriteriaId": "12FF0771-1475-4F22-9CFD-997EC6030087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu_trial:*:*:*",
"matchCriteriaId": "396E4DE7-0F55-45E3-8269-DE0835C0F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:trial:*:*:*:*:*",
"matchCriteriaId": "BF10D9D2-9D3B-4D54-A8E4-DEABB2D8C159",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro 2008 hasta 2011; Ichitaro Government 6, 7, 2008, 2009, y 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; y Ichitaro 2014 Tetsu permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero manipulado."
}
],
"id": "CVE-2014-7247",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-26T02:59:02.637",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}