Vulnerabilites related to justsystems - just_school
CVE-2012-0269 (GCVE-0-2012-0269)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-09-16 19:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-27T18:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09619876",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2012-0269",
"datePublished": "2012-04-27T18:00:00Z",
"dateReserved": "2011-12-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:01:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2154 (GCVE-0-2017-2154)
Vulnerability from cvelistv5
Published
2017-04-28 16:00
Modified
2024-08-05 13:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:48:03.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#54268888",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN54268888/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.justsystems.com/jp/info/js17002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-04-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 \u0026 Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-11T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#54268888",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN54268888/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.justsystems.com/jp/info/js17002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-2154",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 \u0026 Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#54268888",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN54268888/index.html"
},
{
"name": "https://www.justsystems.com/jp/info/js17002.html",
"refsource": "MISC",
"url": "https://www.justsystems.com/jp/info/js17002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-2154",
"datePublished": "2017-04-28T16:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T13:48:03.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1242 (GCVE-0-2012-1242)
Vulnerability from cvelistv5
Published
2012-04-27 18:00
Modified
2024-08-06 18:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81472",
"refsource": "OSVDB",
"url": "http://osvdb.org/81472"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-1242",
"datePublished": "2012-04-27T18:00:00",
"dateReserved": "2012-02-21T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-2152 (GCVE-0-2010-2152)
Vulnerability from cvelistv5
Published
2010-06-03 16:00
Modified
2024-08-07 02:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:25:07.018Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40008"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40008"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-2152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ichitaro-attributes-code-execution(59037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"name": "40472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"name": "JVN#17293765",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"name": "ADV-2010-1283",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"name": "40008",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40008"
},
{
"name": "http://www.justsystems.com/jp/info/js10002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"name": "65050",
"refsource": "OSVDB",
"url": "http://osvdb.org/65050"
},
{
"name": "JVNDB-2010-000024",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"name": "http://www.ipa.go.jp/about/press/20100601.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-2152",
"datePublished": "2010-06-03T16:00:00",
"dateReserved": "2010-06-03T00:00:00",
"dateUpdated": "2024-08-07T02:25:07.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - | |
| justsystems | rekishimail_bakumatsushishi_no_missho | - | |
| justsystems | rekishimail_sengokubusho_no_missho | - | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken_pro | 4 | |
| justsystems | shuriken_pro | 4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_bakumatsushishi_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13D8C8AD-E46A-46B7-8B2F-574748B3422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_sengokubusho_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF7568E-0934-4C3E-9E6D-49DB97D7FD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7F8BF0-38EB-4C0B-8F82-D020FF29FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:-:corporate:*:*:*:*:*",
"matchCriteriaId": "4C8BF5EA-30CC-4140-9034-4B46D9F517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "E43932BE-3BE0-4EDF-81F4-303D5C7C890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:-:corporate:*:*:*:*:*",
"matchCriteriaId": "7FC4B58E-FACA-4019-81F6-EF4253A5964A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D64EDE94-7B0D-45B7-9E85-9EF4934A5920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D01417D2-7784-4971-86AF-BEE17F724D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "F98E0777-5F3E-43F8-BBDF-BD8513C2E0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:-:corporate:*:*:*:*:*",
"matchCriteriaId": "581E8D5B-D963-4882-8A5D-3FFD3B642B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:*:*:*:*:*:*:*",
"matchCriteriaId": "294B95A5-6BC7-45BE-9523-E6A2AFB187CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D530A3DE-669B-4BDC-9D3E-77010F18CEA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, \u00fanicamente Jump v4, \u00fanicamente Frontier, oreplug, Shuriken Pro4, Shuriken v2007 hasta v2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 hasta CE/2009 Corporate Edition, Shuriken v2010 Corporate Edition, Rekishimail Sengokubusho no missho, y Bakumatsushishi no missho que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero de imagen modificado."
}
],
"id": "CVE-2012-0269",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.937",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-27 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, unicamente Jump 4, unicamente Frontier, y oreplug que permite a usuarios locales obtener privilegios a traves de un DLL troyanizado en el directorio actual de trabajo."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2012-1242",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.987",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/81472"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-06-03 16:30
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | just_school | 2008 | |
| justsystems | just_school | 2009 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:just_school:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "F1A10D07-C5AA-4724-905A-9BC355E13471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."
},
{
"lang": "es",
"value": "Vulnerabilidad sin expecificar de JustSystems Ichitaro 2004 hasta 2009, Ichitaro Government 2006 hasta 2009, y Just School 2008 y 2009 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionado con \"el procesamiento de los atributos de las caracter\u00edsticas de un producto\" para un documento."
}
],
"id": "CVE-2010-2152",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-06-03T16:30:01.710",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/65050"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40008"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN17293765/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/65050"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/about/press/20100601.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js10002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/40472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/1283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-04-28 16:59
Modified
2025-04-20 01:37
Severity ?
Summary
Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | https://jvn.jp/en/jp/JVN54268888/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://www.justsystems.com/jp/info/js17002.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/jp/JVN54268888/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.justsystems.com/jp/info/js17002.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | hanako | 2015 | |
| justsystems | hanako | 2016 | |
| justsystems | hanako | 2017 | |
| justsystems | hanako | 2017 | |
| justsystems | hanako_police | 5 | |
| justsystems | hanako_pro | 3 | |
| justsystems | just_frontier | 3 | |
| justsystems | just_government | 3 | |
| justsystems | just_jump_class | 2 | |
| justsystems | just_office | 3 | |
| justsystems | just_office | 3 | |
| justsystems | just_office | 3 | |
| justsystems | just_police | 3 | |
| justsystems | just_school | 6 | |
| justsystems | just_school | 6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:hanako:2015:*:*:*:*:*:*:*",
"matchCriteriaId": "D7048C6C-0CE8-4642-A5C4-2D27E8B9CEA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3FF218-7C81-44D2-9A17-D83205685973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2017:*:*:*:*:*:*:*",
"matchCriteriaId": "776ED90F-323C-4A61-888A-43A9C562C64A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2017:*:*:*:trial_version:*:*:*",
"matchCriteriaId": "57895402-E3E8-49A2-8FA6-8A1D15E8E1C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police:5:*:*:*:*:*:*:*",
"matchCriteriaId": "D59D8562-98D0-41B2-B558-596C89C9D522",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_pro:3:*:*:*:*:*:*:*",
"matchCriteriaId": "16485AD9-56B0-4BFB-993C-7B94F325412D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:3:*:*:*:*:*:*:*",
"matchCriteriaId": "A99D14B3-56D2-470A-A9B3-B7503EBDC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_government:3:*:*:*:*:*:*:*",
"matchCriteriaId": "B20409BA-5D02-423B-B9D4-B912D9148E72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump_class:2:*:*:*:*:*:*:*",
"matchCriteriaId": "F3FE275B-F4CD-48E1-9063-A70BBD02327F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_office:3:*:*:*:eco_print_pack:*:*:*",
"matchCriteriaId": "0CF5451A-6B63-4057-BCC4-9AB43ED32384",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_office:3:*:*:*:standard:*:*:*",
"matchCriteriaId": "BCE3335A-F74F-46AC-8376-3E5E2D4A90FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_office:3:*:*:*:tri-de_dataprotect_pack:*:*:*",
"matchCriteriaId": "B0B3FDCA-63D0-47BA-8B99-6565857123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_police:3:*:*:*:*:*:*:*",
"matchCriteriaId": "B9F17734-FC13-4E08-B350-C6C0CDCD17D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:6:*:*:*:*:*:*:*",
"matchCriteriaId": "1874BEA7-E29B-42AD-B111-9EBAEBCAB39C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:6:*:*:*:premium:*:*:*",
"matchCriteriaId": "7434D5C9-DC0B-4E76-A9DC-D8AA1F50A4F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 \u0026 Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ruta (path) de b\u00fasqueda no confiable en Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Est\u00e1ndar], Just Office 3 [Eco Print Package], JUST Office 3 \u0026 Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 versi\u00f3n de prueba, permite a los atacantes remotos alcanzar privilegios por medio de un archivo DLL de tipo caballo de troya en un directorio no especificado."
}
],
"id": "CVE-2017-2154",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-28T16:59:02.090",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/jp/JVN54268888/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "https://www.justsystems.com/jp/info/js17002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://jvn.jp/en/jp/JVN54268888/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.justsystems.com/jp/info/js17002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}