Search criteria
51 vulnerabilities found for Ichitaro by JustSystems
FKIE_CVE-2017-2789
Vulnerability from fkie_nvd - Published: 2017-02-24 22:59 - Updated: 2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "Cuando se copian datos de archivos en un b\u00fafer, JustSystems Ichitaro Office 2016 Trial calcular\u00e1 dos valores para determinar cuantos datos copiar desde el documento. Si ambos valores son m\u00e1s grandes que el tama\u00f1o del b\u00fafer, la aplicaci\u00f3n escoger\u00e1 el m\u00e1s peque\u00f1o de los dos y confiar\u00e1 en \u00e9l para copiar datos desde el archivo. Este valor es mayor que el tama\u00f1o de b\u00fafer, lo que conduce a un desbordamiento de b\u00fafer basado en memoria din\u00e1mica. Este desbordamiento corrompe un desplazamiento en la memoria din\u00e1mica utilizada en la aritm\u00e9tica de puntero para escribir datos y puede conducir a ejecuci\u00f3n de c\u00f3digo bajo el contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2789",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.153",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-2790
Vulnerability from fkie_nvd - Published: 2017-02-24 22:59 - Updated: 2025-04-20 01:37
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "869571E4-7544-48EE-9839-927A3F6315E2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "Cuando se procesa un tipo de registro de 0x3c flujo Workbookdesde un archivo Excel (.xls), JustSystems Ichitaro Office conf\u00eda que el tama\u00f1o es mayor que cero, substrae uno de la longitud, y utiliza este resultado como el tama\u00f1o de una memcpy. Esto resulta en un desbordamiento de b\u00fafer basado en memoria din\u00e1mica y puede conducir a ejecuci\u00f3n de c\u00f3digo bajo el contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2790",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.200",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-2791
Vulnerability from fkie_nvd - Published: 2017-02-24 22:59 - Updated: 2025-04-20 01:37
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2016 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2016:*:*:*:trial:*:*:*",
"matchCriteriaId": "85413E71-5093-49EF-B949-4B8A62A237DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
},
{
"lang": "es",
"value": "JustSystems Ichitaro 2016 Trial contiene una vulnerabilidad que existe al tratar de abrir un archivo de PowerPoint especialmente manipulado. Debido al manejo incorrecto de la aplicaci\u00f3n del caso de error para el resultado de una funci\u00f3n, la aplicaci\u00f3n utilizar\u00e1 este resultado en un c\u00e1lculo de puntero para leer datos de archivo dentro. Debido a esto, la aplicaci\u00f3n leer\u00e1 datos desde un archivo dentro de una direcci\u00f3n no v\u00e1lida corrompiendo as\u00ed la memoria. Bajo las condiciones adecuadas, esto puede conducir a ejecuci\u00f3n de c\u00f3digo dentro del contexto de la aplicaci\u00f3n."
}
],
"id": "CVE-2017-2791",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "talos-cna@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-02-24T22:59:00.213",
"references": [
{
"source": "talos-cna@cisco.com",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"source": "talos-cna@cisco.com",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-7247
Vulnerability from fkie_nvd - Published: 2014-11-26 02:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
References
| URL | Tags | ||
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| vultures@jpcert.or.jp | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN16318793/index.html | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.justsystems.com/jp/info/js14003.html | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro | 2014 | |
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:*:government:*:*:*:*:*",
"matchCriteriaId": "200F0514-22F5-42A1-BBE6-9F8FE35D0C7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:*:government:*:*:*:*:*",
"matchCriteriaId": "7958FBA3-C4E5-464B-BE73-DDC26FA003CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:government:*:*:*:*:*",
"matchCriteriaId": "A358E678-D446-44D6-A14B-C53ABE9D4399",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:government:*:*:*:*:*",
"matchCriteriaId": "DFE28E8A-8633-4C3B-A6D0-C7A46E39500F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:government:*:*:*:*:*",
"matchCriteriaId": "15F3A9BD-622B-41DC-BB6A-D33C349F01AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:sou:*:*:*:*:*",
"matchCriteriaId": "F3158006-A67C-4F76-A235-A9EA142C31C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu:*:*:*",
"matchCriteriaId": "12FF0771-1475-4F22-9CFD-997EC6030087",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2014:-:*:*:tetsu_trial:*:*:*",
"matchCriteriaId": "396E4DE7-0F55-45E3-8269-DE0835C0F3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:trial:*:*:*:*:*",
"matchCriteriaId": "BF10D9D2-9D3B-4D54-A8E4-DEABB2D8C159",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro 2008 hasta 2011; Ichitaro Government 6, 7, 2008, 2009, y 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; y Ichitaro 2014 Tetsu permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero manipulado."
}
],
"id": "CVE-2014-7247",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-26T02:59:02.637",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-19"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-2003
Vulnerability from fkie_nvd - Published: 2014-06-16 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | * | |
| justsystems | ichitaro | 10 | |
| justsystems | ichitaro | 11 | |
| justsystems | ichitaro | 12 | |
| justsystems | ichitaro | 13 | |
| justsystems | ichitaro | 2004 | |
| justsystems | ichitaro | 2005 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | just_online_update | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D4144834-782B-492F-B935-F036A5C26902",
"versionEndIncluding": "2014",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:10:*:*:*:*:*:*:*",
"matchCriteriaId": "64910A2D-4EFD-4435-B021-A47E5CA10901",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:11:*:*:*:*:*:*:*",
"matchCriteriaId": "F3255951-1684-4F78-9AA8-0721D43C4E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:12:*:*:*:*:*:*:*",
"matchCriteriaId": "BF1D2069-D1F4-4F31-8B78-9768F43EF847",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:*",
"matchCriteriaId": "9D65FA81-F110-4C21-8BD4-1A14BFFC7730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*",
"matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*",
"matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:trial:*:*:*:*:*",
"matchCriteriaId": "B5B023D0-C271-45B2-82D9-9AD4D800893E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_online_update:-:*:*:*:*:*:*:*",
"matchCriteriaId": "96F6290F-EB66-4423-8F54-436BBC547547",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
},
{
"lang": "es",
"value": "JustSystems JUST Online Update, utilizado en Ichitaro hasta 2014 y otros productos, no valida debidamente firmas de m\u00f3dulos de actualizaci\u00f3n, lo que permite a atacantes remotos falsificar m\u00f3dulos y ejecutar c\u00f3digo arbitrario a trav\u00e9s de una firma manipulada."
}
],
"id": "CVE-2014-2003",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.6,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-16T14:55:05.457",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-5990
Vulnerability from fkie_nvd - Published: 2013-11-13 15:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro_pro | - | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_pro | 2 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_viewer | - | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "242FF195-E6D8-4C22-B03E-00775A8ED5A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*",
"matchCriteriaId": "115DF4BA-D8CE-4557-9C83-8B51999E9446",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_pro:2:-:trial:*:*:*:*:*",
"matchCriteriaId": "1F022A8C-EA41-4B9F-B702-333A6ED3FE47",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*",
"matchCriteriaId": "6EE20B2C-6630-4362-9438-91571BD531B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*",
"matchCriteriaId": "2DF9AE8E-A943-49AF-A507-4423ADC8796C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*",
"matchCriteriaId": "35A0240E-138D-4CE3-9D9E-30AEE34F9238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en JustSystems Ichitaro hasta la versi\u00f3n 2011; Ichitaro Government 6, 7, y 2006 hasta la versi\u00f3n 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen y Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 y Pro 2 Trial Edition; Ichitaro Viewer; e Ichitaro Portable con oreplug permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-5990",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-11-13T15:55:03.847",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3644
Vulnerability from fkie_nvd - Published: 2013-06-18 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 6 | |
| justsystems | ichitaro | 7 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2012 | |
| justsystems | ichitaro | 2013 | |
| justsystems | ichitaro_just_school | - | |
| justsystems | ichitaro_portable | - | |
| justsystems | ichitaro_viewer | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*",
"matchCriteriaId": "9056648E-34A1-471E-BB5A-FB50FB1C81DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*",
"matchCriteriaId": "71899280-4A70-42DF-9F82-B9B4D3210244",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "5B8BE6AD-DE66-46BE-BD71-539920232A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "42893B53-DD23-4F49-99C1-CB8A02595002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E865201A-38FA-4D81-9FB4-227F6FE4AA43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug:*:*:*:*:*:*",
"matchCriteriaId": "9DD0D5AC-5B8D-44FF-9E83-52F79775883C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en JustSystems Ichitaro 2006 a la 2013; Ichitaro Pro a la 2; Ichitaro Government 6, 7, y 2006 a la 2010; Ichitaro Portable con oreplug; Ichitaro Viewer; y Ichitaro JUST School a la 2010, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un documento manipulado."
}
],
"id": "CVE-2013-3644",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-18T18:55:01.037",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.justsystems.com/jp/info/js13002.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-0707
Vulnerability from fkie_nvd - Published: 2013-03-01 05:40 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | hanako | 2006 | |
| justsystems | hanako | 2007 | |
| justsystems | hanako | 2008 | |
| justsystems | hanako | 2009 | |
| justsystems | hanako | 2010 | |
| justsystems | hanako | 2011 | |
| justsystems | hanako | 2012 | |
| justsystems | hanako | 2013 | |
| justsystems | hanako_police | - | |
| justsystems | hanako_police | 2010 | |
| justsystems | hanako_police3 | - | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro_portable | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:hanako:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "B99AFDF7-D3AE-4565-9AE2-85642724DC00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "934D152B-FD10-418D-8C08-28BD45442B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "BAAA97A6-E654-4882-AFA5-6D5B404672D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "5BE91EAC-860C-4E31-8DCE-4F7092B12250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCBC102-5EBD-4427-B741-40DF5EEB1AEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1615FC-6D1D-4333-85E3-3C77F23EC2E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2012:*:*:*:*:*:*:*",
"matchCriteriaId": "D1D9903B-4F6F-4D25-A5EB-3D4C5791B2F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako:2013:*:*:*:*:*:*:*",
"matchCriteriaId": "289D3E55-483B-407F-A1C9-5DCF21E14F6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F075EDD-D4AE-48A1-AD62-D1F4E9FD2E65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "361E77E7-DD90-4E3D-BFA7-3C48C7DED979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:hanako_police3:-:*:*:*:*:*:*:*",
"matchCriteriaId": "66B9E254-5474-4615-BDBA-A9A8B2D009F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug:*:*:*:*:*:*",
"matchCriteriaId": "9DD0D5AC-5B8D-44FF-9E83-52F79775883C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en JustSystems Ichitaro v2006 y 2007, el Gobierno Ichitaro 2006 y 2007, Ichitaro port\u00e1til con oreplug, Hanako 2006 hasta 2013, Hanako Polic\u00eda, Polic\u00eda Hanako 3 y Hanako Police 2010 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo manipulado."
}
],
"id": "CVE-2013-0707",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-03-01T05:40:17.647",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-1242
Vulnerability from fkie_nvd - Published: 2012-04-27 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
},
{
"lang": "es",
"value": "Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, unicamente Jump 4, unicamente Frontier, y oreplug que permite a usuarios locales obtener privilegios a traves de un DLL troyanizado en el directorio actual de trabajo."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html \u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2012-1242",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.987",
"references": [
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://osvdb.org/81472"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/81472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-0269
Vulnerability from fkie_nvd - Published: 2012-04-27 18:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2006 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2007 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2008 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2009 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2010 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro | 2011 | |
| justsystems | ichitaro_portable_with_oreplug | - | |
| justsystems | ichitaro_viewer | - | |
| justsystems | just_frontier | - | |
| justsystems | just_jump | 4 | |
| justsystems | just_school | - | |
| justsystems | just_school | 2009 | |
| justsystems | just_school | 2010 | |
| justsystems | oreplug | - | |
| justsystems | rekishimail_bakumatsushishi_no_missho | - | |
| justsystems | rekishimail_sengokubusho_no_missho | - | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2007 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2008 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2009 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken | 2010 | |
| justsystems | shuriken_pro | 4 | |
| justsystems | shuriken_pro | 4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*",
"matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*",
"matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*",
"matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*",
"matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*",
"matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C3EDDB-E30F-45BA-94C4-5C917283971E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*",
"matchCriteriaId": "6881ACA2-0625-4E3F-8136-D20E627BFC9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*",
"matchCriteriaId": "3A4975EC-E1DB-45C0-AFF6-C3E97F273332",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*",
"matchCriteriaId": "47047585-7145-40D5-8FA2-B1B542CF6AC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E907093-E0DC-4B7B-9B41-58BDF3BD75F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*",
"matchCriteriaId": "440528B7-1BFE-41D9-AC03-9F54F9730719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_frontier:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94E70EAB-DD32-4112-BB5C-4F0BE189FFC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_jump:4:*:*:*:*:*:*:*",
"matchCriteriaId": "19503458-91FD-4008-83A1-E18A8B592EC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE4474E1-25F9-4434-A388-4E1009D1C4D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:just_school:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F79C51-A967-4CAB-8978-67F4514C352F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:oreplug:-:*:*:*:*:*:*:*",
"matchCriteriaId": "090992EF-7B11-49D1-904F-2748414EEB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_bakumatsushishi_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "13D8C8AD-E46A-46B7-8B2F-574748B3422F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:rekishimail_sengokubusho_no_missho:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8AF7568E-0934-4C3E-9E6D-49DB97D7FD0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "ED7F8BF0-38EB-4C0B-8F82-D020FF29FC8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2007:-:corporate:*:*:*:*:*",
"matchCriteriaId": "4C8BF5EA-30CC-4140-9034-4B46D9F517E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "E43932BE-3BE0-4EDF-81F4-303D5C7C890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2008:-:corporate:*:*:*:*:*",
"matchCriteriaId": "7FC4B58E-FACA-4019-81F6-EF4253A5964A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:*:*:*:*:*:*:*",
"matchCriteriaId": "D64EDE94-7B0D-45B7-9E85-9EF4934A5920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2009:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D01417D2-7784-4971-86AF-BEE17F724D96",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:*:*:*:*:*:*:*",
"matchCriteriaId": "F98E0777-5F3E-43F8-BBDF-BD8513C2E0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken:2010:-:corporate:*:*:*:*:*",
"matchCriteriaId": "581E8D5B-D963-4882-8A5D-3FFD3B642B13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:*:*:*:*:*:*:*",
"matchCriteriaId": "294B95A5-6BC7-45BE-9523-E6A2AFB187CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:justsystems:shuriken_pro:4:-:corporate:*:*:*:*:*",
"matchCriteriaId": "D530A3DE-669B-4BDC-9D3E-77010F18CEA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, \u00fanicamente School, \u00fanicamente School v2009 y v2010, \u00fanicamente Jump v4, \u00fanicamente Frontier, oreplug, Shuriken Pro4, Shuriken v2007 hasta v2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 hasta CE/2009 Corporate Edition, Shuriken v2010 Corporate Edition, Rekishimail Sengokubusho no missho, y Bakumatsushishi no missho que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero de imagen modificado."
}
],
"id": "CVE-2012-0269",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-27T18:55:00.937",
"references": [
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "PSIRT-CNA@flexerasoftware.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2017-2791 (GCVE-0-2017-2791)
Vulnerability from cvelistv5 – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.
Severity ?
7.5 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:15",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0199/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2791",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2790 (GCVE-0-2017-2790)
Vulnerability from cvelistv5 – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application.
Severity ?
8.8 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:13",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0197/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2790",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2789 (GCVE-0-2017-2789)
Vulnerability from cvelistv5 – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application.
Severity ?
8.8 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:12",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0196/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2789",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7247 (GCVE-0-2014-7247)
Vulnerability from cvelistv5 – Published: 2014-11-26 02:00 – Updated: 2024-08-06 12:40
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-26T02:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#16318793",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"name": "http://www.justsystems.com/jp/info/js14003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-7247",
"datePublished": "2014-11-26T02:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2003 (GCVE-0-2014-2003)
Vulnerability from cvelistv5 – Published: 2014-06-16 14:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-2003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js14002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"name": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-2003",
"datePublished": "2014-06-16T14:00:00",
"dateReserved": "2014-02-17T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5990 (GCVE-0-2013-5990)
Vulnerability from cvelistv5 – Published: 2013-11-13 15:00 – Updated: 2024-09-16 18:13
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-13T15:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-5990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44999463",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-5990",
"datePublished": "2013-11-13T15:00:00Z",
"dateReserved": "2013-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T18:13:36.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3644 (GCVE-0-2013-3644)
Vulnerability from cvelistv5 – Published: 2013-06-18 18:45 – Updated: 2024-09-17 01:46
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-18T18:45:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js13002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3644",
"datePublished": "2013-06-18T18:45:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:46:11.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0707 (GCVE-0-2013-0707)
Vulnerability from cvelistv5 – Published: 2013-03-01 02:00 – Updated: 2024-09-16 19:35
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-01T02:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-0707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2013-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-0707",
"datePublished": "2013-03-01T02:00:00Z",
"dateReserved": "2012-12-28T00:00:00Z",
"dateUpdated": "2024-09-16T19:35:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1242 (GCVE-0-2012-1242)
Vulnerability from cvelistv5 – Published: 2012-04-27 18:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81472",
"refsource": "OSVDB",
"url": "http://osvdb.org/81472"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-1242",
"datePublished": "2012-04-27T18:00:00",
"dateReserved": "2012-02-21T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0269 (GCVE-0-2012-0269)
Vulnerability from cvelistv5 – Published: 2012-04-27 18:00 – Updated: 2024-09-16 19:01
VLAI?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-27T18:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09619876",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2012-0269",
"datePublished": "2012-04-27T18:00:00Z",
"dateReserved": "2011-12-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:01:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2791 (GCVE-0-2017-2791)
Vulnerability from nvd – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.
Severity ?
7.5 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.798Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:15",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96440",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96440"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function\u0027s result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 7.5,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96440",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96440"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0199/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0199/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2791",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2790 (GCVE-0-2017-2790)
Vulnerability from nvd – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application.
Severity ?
8.8 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:13",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96442",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy. This results in a heap-based buffer overflow and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96442",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96442"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0197/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0197/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2790",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-2789 (GCVE-0-2017-2789)
Vulnerability from nvd – Published: 2017-02-24 22:00 – Updated: 2024-08-05 14:02
VLAI?
Summary
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application.
Severity ?
8.8 (High)
CWE
- remote code execution
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| JustSystems | Ichitaro |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:02:07.828Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ichitaro",
"vendor": "JustSystems",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-02-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "remote code execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T18:22:12",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "96438",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/96438"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "talos-cna@cisco.com",
"ID": "CVE-2017-2789",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ichitaro",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "JustSystems"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than the size of the buffer, the application will choose the smaller of the two and trust it to copy data from the file. This value is larger than the buffer size, which leads to a heap-based buffer overflow. This overflow corrupts an offset in the heap used in pointer arithmetic for writing data and can lead to code execution under the context of the application."
}
]
},
"impact": {
"cvss": {
"baseScore": 8.8,
"baseSeverity": "High",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "96438",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/96438"
},
{
"name": "http://www.talosintelligence.com/reports/TALOS-2016-0196/",
"refsource": "MISC",
"url": "http://www.talosintelligence.com/reports/TALOS-2016-0196/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2017-2789",
"datePublished": "2017-02-24T22:00:00",
"dateReserved": "2016-12-01T00:00:00",
"dateUpdated": "2024-08-05T14:02:07.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-7247 (GCVE-0-2014-7247)
Vulnerability from nvd – Published: 2014-11-26 02:00 – Updated: 2024-08-06 12:40
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:40:19.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-11-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-26T02:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#16318793",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-7247",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#16318793",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16318793/index.html"
},
{
"name": "JVNDB-2014-000131",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131"
},
{
"name": "http://www.justsystems.com/jp/info/js14003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-7247",
"datePublished": "2014-11-26T02:00:00",
"dateReserved": "2014-09-30T00:00:00",
"dateUpdated": "2024-08-06T12:40:19.217Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2003 (GCVE-0-2014-2003)
Vulnerability from nvd – Published: 2014-06-16 14:00 – Updated: 2024-08-06 09:58
VLAI?
Summary
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:58:16.292Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-16T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2014-2003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js14002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js14002.html"
},
{
"name": "JVNDB-2014-000053",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053"
},
{
"name": "JVN#50129191",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN50129191/index.html"
},
{
"name": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2014-2003",
"datePublished": "2014-06-16T14:00:00",
"dateReserved": "2014-02-17T00:00:00",
"dateUpdated": "2024-08-06T09:58:16.292Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5990 (GCVE-0-2013-5990)
Vulnerability from nvd – Published: 2013-11-13 15:00 – Updated: 2024-09-16 18:13
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:29:42.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-11-13T15:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44999463",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-5990",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44999463",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44999463/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13003.html"
},
{
"name": "JVNDB-2013-000103",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-5990",
"datePublished": "2013-11-13T15:00:00Z",
"dateReserved": "2013-10-03T00:00:00Z",
"dateUpdated": "2024-09-16T18:13:36.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3644 (GCVE-0-2013-3644)
Vulnerability from nvd – Published: 2013-06-18 18:45 – Updated: 2024-09-17 01:46
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:14:56.539Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-18T18:45:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-3644",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.justsystems.com/jp/info/js13002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13002.html"
},
{
"name": "JVN#98712361",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN98712361/index.html"
},
{
"name": "JVNDB-2013-000058",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-3644",
"datePublished": "2013-06-18T18:45:00Z",
"dateReserved": "2013-05-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:46:11.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0707 (GCVE-0-2013-0707)
Vulnerability from nvd – Published: 2013-03-01 02:00 – Updated: 2024-09-16 19:35
VLAI?
Summary
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:33:05.603Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-01T02:00:00Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2013-000015",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2013-0707",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitrary code via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2013-000015",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-000015"
},
{
"name": "JVN#16817324",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN16817324/index.html"
},
{
"name": "http://www.justsystems.com/jp/info/js13001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js13001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2013-0707",
"datePublished": "2013-03-01T02:00:00Z",
"dateReserved": "2012-12-28T00:00:00Z",
"dateUpdated": "2024-09-16T19:35:50.586Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1242 (GCVE-0-2012-1242)
Vulnerability from nvd – Published: 2012-04-27 18:00 – Updated: 2024-08-06 18:53
VLAI?
Summary
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:36.406Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-13T18:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "81472",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/81472"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2012-1242",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "81472",
"refsource": "OSVDB",
"url": "http://osvdb.org/81472"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
},
{
"name": "JVNDB-2012-000034",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034"
},
{
"name": "JVN#95378720",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN95378720/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2012-1242",
"datePublished": "2012-04-27T18:00:00",
"dateReserved": "2012-02-21T00:00:00",
"dateUpdated": "2024-08-06T18:53:36.406Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0269 (GCVE-0-2012-0269)
Vulnerability from nvd – Published: 2012-04-27 18:00 – Updated: 2024-09-16 19:01
VLAI?
Summary
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:16:20.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-04-27T18:00:00Z",
"orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"shortName": "flexera"
},
"references": [
{
"name": "JVN#09619876",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
"ID": "CVE-2012-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#09619876",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN09619876/index.html"
},
{
"name": "JVNDB-2012-000035",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035"
},
{
"name": "http://www.justsystems.com/jp/info/js12001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/js12001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
"assignerShortName": "flexera",
"cveId": "CVE-2012-0269",
"datePublished": "2012-04-27T18:00:00Z",
"dateReserved": "2011-12-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:01:01.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}