Vulnerabilites related to justsystem - sanshiro
CVE-2006-6400 (GCVE-0-2006-6400)
Vulnerability from cvelistv5
Published
2006-12-10 02:00
Modified
2024-08-07 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#47272891",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"name": "http://www.justsystem.co.jp/info/pd6005.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"name": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html",
"refsource": "MISC",
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6400",
"datePublished": "2006-12-10T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2006-12-10 02:28
Modified
2025-04-09 00:30
Severity ?
Summary
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystem | hanako | 2004 | |
| justsystem | hanako | 2005 | |
| justsystem | hanako | 2006 | |
| justsystem | hanako_viewer | 1.0 | |
| justsystem | ichitaro | * | |
| justsystem | ichitaro | 2005 | |
| justsystem | ichitaro | 2006 | |
| justsystem | ichitaro_lite2 | * | |
| justsystem | ichitaro_lite2 | r2 | |
| justsystem | ichitaro_viewer | 4.0 | |
| justsystem | sanshiro | 2005 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystem:hanako:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "D22E31AB-74A8-4D04-8521-DEC6DB3B7066",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "AE0AD3D7-4820-4C3F-8DF1-2DF8D85AEE2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "1728BCEE-65F2-4299-B349-62021526E1A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:hanako_viewer:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8FF80BE6-E275-4C93-8BA4-26345671E97B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC1ECAAA-9317-420F-B672-6B313C5307AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "B4125282-F81C-45E4-B5A3-D5685A859455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "038FB1DB-00F3-4761-A6F4-551360CF7983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_lite2:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52A939CD-2BB7-490A-A6DA-F77DB0412BC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_lite2:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "FE065F3B-C67C-483D-AE21-D37AD3E7A10B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:ichitaro_viewer:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E3CC6690-2E3C-4891-820E-4E51128A1DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystem:sanshiro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "1B362B4E-6D2E-40CB-B297-1F24B4B2CBD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en JustSystems Hanako 2004 hasta 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, y Sanshiro 2005 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante los campos (1) Keyword y (2) Title, relativos a campos de longitud de cadenas."
}
],
"id": "CVE-2006-6400",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2006-12-10T02:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23185"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017336"
},
{
"source": "cve@mitre.org",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4857"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}