Vulnerabilites related to justsystem - ichitaro_viewer
CVE-2006-6400 (GCVE-0-2006-6400)
Vulnerability from cvelistv5
Published
2006-12-10 02:00
Modified
2024-08-07 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#47272891",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"name": "http://www.justsystem.co.jp/info/pd6005.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"name": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html",
"refsource": "MISC",
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6400",
"datePublished": "2006-12-10T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0223 (GCVE-0-2008-0223)
Vulnerability from cvelistv5
Published
2008-01-10 23:00
Modified
2024-08-07 07:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:34.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019168",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27153"
},
{
"name": "http://www.justsystems.com/jp/info/pd8001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0223",
"datePublished": "2008-01-10T23:00:00",
"dateReserved": "2008-01-10T00:00:00",
"dateUpdated": "2024-08-07T07:39:34.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-12-10 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystem | hanako | 2004 | |
| justsystem | hanako | 2005 | |
| justsystem | hanako | 2006 | |
| justsystem | hanako_viewer | 1.0 | |
| justsystem | ichitaro | * | |
| justsystem | ichitaro | 2005 | |
| justsystem | ichitaro | 2006 | |
| justsystem | ichitaro_lite2 | * | |
| justsystem | ichitaro_lite2 | r2 | |
| justsystem | ichitaro_viewer | 4.0 | |
| justsystem | sanshiro | 2005 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystem:hanako:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "D22E31AB-74A8-4D04-8521-DEC6DB3B7066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0AD3D7-4820-4C3F-8DF1-2DF8D85AEE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "1728BCEE-65F2-4299-B349-62021526E1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako_viewer:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF80BE6-E275-4C93-8BA4-26345671E97B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1ECAAA-9317-420F-B672-6B313C5307AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "B4125282-F81C-45E4-B5A3-D5685A859455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "038FB1DB-00F3-4761-A6F4-551360CF7983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_lite2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A939CD-2BB7-490A-A6DA-F77DB0412BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_lite2:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE065F3B-C67C-483D-AE21-D37AD3E7A10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_viewer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC6690-2E3C-4891-820E-4E51128A1DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:sanshiro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "1B362B4E-6D2E-40CB-B297-1F24B4B2CBD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en JustSystems Hanako 2004 hasta 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, y Sanshiro 2005 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante los campos (1) Keyword y (2) Title, relativos a campos de longitud de cadenas."
}
],
"id": "CVE-2006-6400",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-10T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23185"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017336"
},
{
"source": "cve@mitre.org",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-01-10 23:46
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystem | ichitaro | 11.0 | |
| justsystem | ichitaro | 12.0 | |
| justsystem | ichitaro | 13.0 | |
| justsystem | ichitaro | 2004 | |
| justsystem | ichitaro | 2005 | |
| justsystem | ichitaro | 2006 | |
| justsystem | ichitaro | 2007 | |
| justsystem | ichitaro | linux | |
| justsystem | ichitaro_lite2 | * | |
| justsystem | ichitaro_viewer | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69A39F16-968A-48E9-907F-36133B6775D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FDC262B5-28BE-4EC6-89CC-B013A15CB10C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "72EFC88E-B6D1-4B8A-ADDD-5B2EF6523FEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AF08B2B3-8387-4A91-8866-4C9555901D0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "B4125282-F81C-45E4-B5A3-D5685A859455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "038FB1DB-00F3-4761-A6F4-551360CF7983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A56FB56C-D890-423B-8021-7F07D143522F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:linux:*:*:*:*:*:*:*",
"matchCriteriaId": "D42AF9B5-D9C7-435B-8FE7-B2DB39CDACC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_lite2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A939CD-2BB7-490A-A6DA-F77DB0412BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DEE5B0B5-C192-4CF6-B3D0-B2C234DDA1D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en JustSystems en la biblioteca JSFC.DLL, como es usado en varios productos de JustSystems como Ichitaro, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo .JTD especialmente dise\u00f1ado."
}
],
"id": "CVE-2008-0223",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-01-10T23:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28275"
},
{
"source": "cve@mitre.org",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"source": "cve@mitre.org",
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/27153"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019168"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28275"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019168"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}