Vulnerabilites related to justsystems - ichitaro_viewer
CVE-2013-3644 (GCVE-0-2013-3644)
Vulnerability from cvelistv5
Published
2013-06-18 18:45
Modified
2024-09-17 01:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-18T18:45:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js13002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3644",
"datePublished": "2013-06-18T18:45:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:46:11.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-1331 (GCVE-0-2011-1331)
Vulnerability from cvelistv5
Published
2011-07-18 22:00
Modified
2024-08-06 22:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T22:21:34.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "44956",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2011-1331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "44956",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/44956"
},
{
"name": "48283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"name": "JVNDB-2011-000043",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"name": "ichitaro-unspec-bo(68072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"name": "http://www.justsystems.com/jp/info/js11001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"name": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability",
"refsource": "MISC",
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"name": "JVN#87239473",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2011-1331",
"datePublished": "2011-07-18T22:00:00",
"dateReserved": "2011-03-09T00:00:00",
"dateUpdated": "2024-08-06T22:21:34.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0269 (GCVE-0-2012-0269)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-09-16 19:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-27T18:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09619876",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2012-0269",
"datePublished": "2012-04-27T18:00:00Z",
"dateReserved": "2011-12-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:01:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-4737 (GCVE-0-2009-4737)
Vulnerability from cvelistv5
Published
2010-04-06 22:00
Modified
2024-08-07 07:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:17:25.178Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "34611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "34611",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4737",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "34611",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34611"
},
{
"name": "53349",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/53349"
},
{
"name": "ADV-2009-0957",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"name": "http://www.justsystems.com/jp/info/js09002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"name": "34403",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"name": "JVNDB-2009-000018",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"name": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"name": "ichitaro-rtf-bo(49739)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"name": "JVN#33846134",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4737",
"datePublished": "2010-04-06T22:00:00",
"dateReserved": "2010-03-23T00:00:00",
"dateUpdated": "2024-08-07T07:17:25.178Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5990 (GCVE-0-2013-5990)
Vulnerability from cvelistv5
Published
2013-11-13 15:00
Modified
2024-09-16 18:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-13T15:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-5990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44999463",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-5990",
"datePublished": "2013-11-13T15:00:00Z",
"dateReserved": "2013-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T18:13:36.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1242 (GCVE-0-2012-1242)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-08-06 18:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81472",
"refsource": "OSVDB",
"url": "http://osvdb.org/81472"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-1242",
"datePublished": "2012-04-27T18:00:00",
"dateReserved": "2012-02-21T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-06-18 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_just_school | - | |
| justsystems | ichitaro_portable | - | |
| justsystems | ichitaro_viewer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BE6AD-DE66-46BE-BD71-539920232A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "42893B53-DD23-4F49-99C1-CB8A02595002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E865201A-38FA-4D81-9FB4-227F6FE4AA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug:*:*:*:*:*:*",
"matchCriteriaId": "9DD0D5AC-5B8D-44FF-9E83-52F79775883C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en JustSystems Ichitaro 2006 a la 2013; Ichitaro Pro a la 2; Ichitaro Government 6, 7, y 2006 a la 2010; Ichitaro Portable con oreplug; Ichitaro Viewer; y Ichitaro JUST School a la 2010, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-3644",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-18T18:55:01.037",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystems.com/jp/info/js13002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - | |
| justsystems | rekishimail_bakumatsushishi_no_missho | - | |
| justsystems | rekishimail_sengokubusho_no_missho | - | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken_pro | 4 | |
| justsystems | shuriken_pro | 4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_bakumatsushishi_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13D8C8AD-E46A-46B7-8B2F-574748B3422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_sengokubusho_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF7568E-0934-4C3E-9E6D-49DB97D7FD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7F8BF0-38EB-4C0B-8F82-D020FF29FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:-:corporate:*:*:*:*:*",
"matchCriteriaId": "4C8BF5EA-30CC-4140-9034-4B46D9F517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "E43932BE-3BE0-4EDF-81F4-303D5C7C890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:-:corporate:*:*:*:*:*",
"matchCriteriaId": "7FC4B58E-FACA-4019-81F6-EF4253A5964A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D64EDE94-7B0D-45B7-9E85-9EF4934A5920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D01417D2-7784-4971-86AF-BEE17F724D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "F98E0777-5F3E-43F8-BBDF-BD8513C2E0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:-:corporate:*:*:*:*:*",
"matchCriteriaId": "581E8D5B-D963-4882-8A5D-3FFD3B642B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:*:*:*:*:*:*:*",
"matchCriteriaId": "294B95A5-6BC7-45BE-9523-E6A2AFB187CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D530A3DE-669B-4BDC-9D3E-77010F18CEA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, \u00fanicamente Jump v4, \u00fanicamente Frontier, oreplug, Shuriken Pro4, Shuriken v2007 hasta v2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 hasta CE/2009 Corporate Edition, Shuriken v2010 Corporate Edition, Rekishimail Sengokubusho no missho, y Bakumatsushishi no missho que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero de imagen modificado."
}
],
"id": "CVE-2012-0269",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.937",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, unicamente Jump 4, unicamente Frontier, y oreplug que permite a usuarios locales obtener privilegios a traves de un DLL troyanizado en el directorio actual de trabajo."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2012-1242",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.987",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/81472"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-07-18 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable | * | |
| justsystems | ichitaro_pro | * | |
| justsystems | ichitaro_viewer | * | |
| justsystems | ichitaro_viewer | 5.1.3.0 | |
| justsystems | ichitaro_viewer | 19.0.1.0 | |
| justsystems | ichitaro_viewer | 19.0.2.0 | |
| justsystems | ichitaro_viewer | 19.0.3.0 | |
| justsystems | ichitaro_viewer | 20.0.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EF040552-87C3-40B5-AA54-950207AB387C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B6622EC-6ACF-4A02-BDF8-70C0EFD4471A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FB0BAF8-1958-4CA5-801F-BE36FA327726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:5.1.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B34749C6-8E19-47B2-B5F7-0F98B122FCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D726C33-139F-4514-BDFC-FE8F046B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF6BBB43-6E50-4E6F-80A3-217A431D9A6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A008907-514E-4924-953C-3F09329CF26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CAFFC5-453F-49DD-8A71-8FB98C045A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011."
},
{
"lang": "es",
"value": "JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro port\u00e1til, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria heap ) a trav\u00e9s de un documento manipulado, como se exploto a principios de 2011."
}
],
"id": "CVE-2011-1331",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-07-18T22:55:01.033",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN87239473/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/44956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js11001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/48283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68072"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-13 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_viewer | - | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:-:trial:*:*:*:*:*",
"matchCriteriaId": "1F022A8C-EA41-4B9F-B702-333A6ED3FE47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro hasta la versi\u00f3n 2011; Ichitaro Government 6, 7, y 2006 hasta la versi\u00f3n 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen y Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 y Pro 2 Trial Edition; Ichitaro Viewer; e Ichitaro Portable con oreplug permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-5990",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-13T15:55:03.847",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-06 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 13 | |
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | bungei | |
| justsystems | ichitaro_viewer | 19.0.1.0 | |
| justsystems | ichitaro_viewer | 20.0.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:*",
"matchCriteriaId": "9D65FA81-F110-4C21-8BD4-1A14BFFC7730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:trial:*:*:*:*:*",
"matchCriteriaId": "B5B023D0-C271-45B2-82D9-9AD4D800893E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:bungei:*:*:*:*:*:*:*",
"matchCriteriaId": "BABEE82A-8A24-4F87-9AF5-87B81217C378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7D726C33-139F-4514-BDFC-FE8F046B47CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52CAFFC5-453F-49DD-8A71-8FB98C045A4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to \"pvpara ffooter.\""
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en JustSystems Corporation Ichitaro v13, desde v2004 hasta v2009, Viewer 2009 v19.0.1.0 y anteriores y otras versiones, permite a atacantes dependientes de contexto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero de texto enriquecido manipulado (RTF), relacionado con \"pvpara ffooter.\""
}
],
"id": "CVE-2009-4737",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-04-06T22:30:00.437",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34611"
},
{
"source": "cve@mitre.org",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/53349"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN33846134/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js09002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/53349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34403"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0957"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49739"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}