All the vulnerabilites related to JustSystems Corporation - Ichitaro
jvndb-2011-000043
Vulnerability from jvndb
Published
2011-06-16 19:04
Modified
2011-06-16 19:04
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from other issues that were previously published on JVN.
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000043.html",
"dc:date": "2011-06-16T19:04+09:00",
"dcterms:issued": "2011-06-16T19:04+09:00",
"dcterms:modified": "2011-06-16T19:04+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nThis vulnerability differs from other issues that were previously published on JVN.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000043.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_portable",
"@product": "Ichitaro Portable",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_pro",
"@product": "Ichitaro Pro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_viewer",
"@product": "Ichitaro Viewer",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000043",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN87239473/index.html",
"@id": "JVN#87239473",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1331",
"@id": "CVE-2011-1331",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1331",
"@id": "CVE-2011-1331",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201106_ichitaro_en.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2014-000131
Vulnerability from jvndb
Published
2014-11-13 16:52
Modified
2014-11-27 17:58
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from other issues that were previously published on JVN.
For more information, please refer to the developer's website.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000131.html",
"dc:date": "2014-11-27T17:58+09:00",
"dcterms:issued": "2014-11-13T16:52+09:00",
"dcterms:modified": "2014-11-27T17:58+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nThis vulnerability differs from other issues that were previously published on JVN.\r\n\r\nFor more information, please refer to the developer\u0027s website.",
"link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000131.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_pro",
"@product": "Ichitaro Pro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2014-000131",
"sec:references": [
{
"#text": "http://jvn.jp/jp/JVN16318793/index.html",
"@id": "JVN#16318793",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7247",
"@id": "CVE-2014-7247",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7247",
"@id": "CVE-2014-7247",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/ciadr/vul/20141113-jvn.html",
"@id": "Security Alert for Ichitaro series vulnerable to arbitrary code execution (JVN#16318793)",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2012-000034
Vulnerability from jvndb
Published
2012-04-24 13:36
Modified
2012-04-24 13:36
Summary
Multiple JustSystems products may insecurely load dynamic libraries
Details
Multiple JustSystems products may use unsafe methods for determining how to load DLL's.
Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.
Naoto Katsumi of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000034.html",
"dc:date": "2012-04-24T13:36+09:00",
"dcterms:issued": "2012-04-24T13:36+09:00",
"dcterms:modified": "2012-04-24T13:36+09:00",
"description": "Multiple JustSystems products may use unsafe methods for determining how to load DLL\u0027s.\r\n\r\nMultiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nNaoto Katsumi of LAC Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000034.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_portable",
"@product": "Ichitaro Portable",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_viewer",
"@product": "Ichitaro Viewer",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:justschool",
"@product": "Just School",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_frontier",
"@product": "Just Frontier",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_jump",
"@product": "Just Jump",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/h:justsystems:oreplug",
"@product": "oreplug",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2012-000034",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN95378720/index.html",
"@id": "JVN#95378720",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1242",
"@id": "CVE-2012-1242",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1242",
"@id": "CVE-2012-1242",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple JustSystems products may insecurely load dynamic libraries"
}
jvndb-2013-000103
Vulnerability from jvndb
Published
2013-11-12 14:33
Modified
2013-11-15 10:22
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from other issues that were previously published on JVN.
For more information, please refer to the developer's website.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000103.html",
"dc:date": "2013-11-15T10:22+09:00",
"dcterms:issued": "2013-11-12T14:33+09:00",
"dcterms:modified": "2013-11-15T10:22+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nThis vulnerability differs from other issues that were previously published on JVN.\r\n\r\nFor more information, please refer to the developer\u0027s website.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000103.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_portable",
"@product": "Ichitaro Portable",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_pro",
"@product": "Ichitaro Pro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_viewer",
"@product": "Ichitaro Viewer",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000103",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN44999463/index.html",
"@id": "JVN#44999463",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5990",
"@id": "CVE-2013-5990",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5990",
"@id": "CVE-2013-5990",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/ciadr/vul/20131112-jvn.html",
"@id": "Security Alert for Ichitaro series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.npa.go.jp/cyberpolice/topics/?seq=12597",
"@id": "Vulnerability in JustSystems products",
"@source": "AT-POLICE"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2013-000058
Vulnerability from jvndb
Published
2013-06-18 15:17
Modified
2013-06-26 14:49
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from other issues that were previously published on JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000058.html",
"dc:date": "2013-06-26T14:49+09:00",
"dcterms:issued": "2013-06-18T15:17+09:00",
"dcterms:modified": "2013-06-26T14:49+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nThis vulnerability differs from other issues that were previously published on JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000058.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_portable",
"@product": "Ichitaro Portable",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_pro",
"@product": "Ichitaro Pro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_viewer",
"@product": "Ichitaro Viewer",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:justschool",
"@product": "Just School",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000058",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN98712361/index.html",
"@id": "JVN#98712361",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3644",
"@id": "CVE-2013-3644",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3644",
"@id": "CVE-2013-3644",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/ciadr/vul/20130618-jvn.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2010-000024
Vulnerability from jvndb
Published
2010-06-01 17:37
Modified
2010-06-01 17:37
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability is different from JVN#98467259.
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000024.html",
"dc:date": "2010-06-01T17:37+09:00",
"dcterms:issued": "2010-06-01T17:37+09:00",
"dcterms:modified": "2010-06-01T17:37+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nThis vulnerability is different from JVN#98467259.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000024.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:justschool",
"@product": "Just School",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000024",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN17293765/index.html",
"@id": "JVN#17293765",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2152",
"@id": "CVE-2010-2152",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2152",
"@id": "CVE-2010-2152",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/topics/alert20100602.html",
"@id": "alert20100602",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201006_ichitaro_en.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/40008",
"@id": "SA40008",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/40472",
"@id": "40472",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/59037",
"@id": "59037",
"@source": "XF"
},
{
"#text": "http://www.vupen.com/english/advisories/2010/1283",
"@id": "VUPEN/ADV-2010-1283",
"@source": "VUPEN"
},
{
"#text": "http://osvdb.org/65050",
"@id": "65050",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2007-000877
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ichitaro series buffer overflow vulnerability
Details
The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#29211062 and JVN#50495547.
The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000877.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The \"Ichitaro\" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#29211062 and JVN#50495547.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000877.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000877",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN32981509/index.html",
"@id": "JVN#32981509",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27393",
"@id": "SA27393",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26206",
"@id": "26206",
"@source": "BID"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3623",
"@id": "FrSIRT/ADV-2007-3623",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Ichitaro series buffer overflow vulnerability"
}
jvndb-2007-000876
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ichitaro series buffer overflow vulnerability
Details
The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#32981509 and JVN#50495547.
The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000876.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The \"Ichitaro\" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#32981509 and JVN#50495547.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000876.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000876",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN29211062/index.html",
"@id": "JVN#29211062",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27393",
"@id": "SA27393",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26206",
"@id": "26206",
"@source": "BID"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3623",
"@id": "FrSIRT/ADV-2007-3623",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Ichitaro series buffer overflow vulnerability"
}
jvndb-2008-000001
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Multiple JustSystems products vulnerable to buffer overflow
Details
Multiple JustSystems products are vulnerable to buffer overflow.
Multiple JustSystems products contain a vulnerability which allows a remote attacker to cause buffer overflow when a user opens or views a specially crafted .jtd file.
Multiple products are affected by this vulnerability.
For details, see the information provided by JustSystems.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000001.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Multiple JustSystems products are vulnerable to buffer overflow.\r\n\r\nMultiple JustSystems products contain a vulnerability which allows a remote attacker to cause buffer overflow when a user opens or views a specially crafted .jtd file.\r\n\r\nMultiple products are affected by this vulnerability.\r\nFor details, see the information provided by JustSystems.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000001.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000001",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN08237857/index.html",
"@id": "JVN#08237857",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0223",
"@id": "CVE-2008-0223",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0223",
"@id": "CVE-2008-0223",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/200801_JustSystem_press_en.html",
"@id": "Security Alert for Vulnerability in Multiple JustSystems Products",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107",
"@id": "FFRRA-20080107",
"@source": "FFRRA"
},
{
"#text": "http://secunia.com/advisories/28275",
"@id": "SA28275",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/27153",
"@id": "27153",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/39501",
"@id": "39501",
"@source": "XF"
},
{
"#text": "http://www.frsirt.com/english/advisories/2008/0045",
"@id": "FrSIRT/ADV-2008-0045",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Multiple JustSystems products vulnerable to buffer overflow"
}
jvndb-2012-000035
Vulnerability from jvndb
Published
2012-04-24 13:37
Modified
2012-05-09 19:49
Summary
Multiple JustSystems products vulnerable to buffer overflow
Details
Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability.
Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files.
Tielei Wang of Georgia Tech Information Security Center reported this vulnerability to JPCERT/CC via The Secunia Vulnerability Coordination Reward Programme (SVCRP).
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000035.html",
"dc:date": "2012-05-09T19:49+09:00",
"dcterms:issued": "2012-04-24T13:37+09:00",
"dcterms:modified": "2012-05-09T19:49+09:00",
"description": "Multiple products provided by JustSystems Corporation contain a buffer overflow vulnerability.\r\n\r\nMultiple products provided by JustSystems Corporation contain a buffer overflow vulnerability due to improper handling of image files.\r\n\r\nTielei Wang of Georgia Tech Information Security Center reported this vulnerability to JPCERT/CC via The Secunia Vulnerability Coordination Reward Programme (SVCRP).\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000035.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_portable",
"@product": "Ichitaro Portable",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_viewer",
"@product": "Ichitaro Viewer",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:justschool",
"@product": "Just School",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_frontier",
"@product": "Just Frontier",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_jump",
"@product": "Just Jump",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:rekishimail",
"@product": "Rekishimail",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:shuriken",
"@product": "Shuriken",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/h:justsystems:oreplug",
"@product": "oreplug",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2012-000035",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN09619876/index.html",
"@id": "JVN#09619876",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0269",
"@id": "CVE-2012-0269",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0269",
"@id": "CVE-2012-0269",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201205_justsystem_en.html",
"@id": "Security Alert for Vulnerability in Multiple JustSystems Products",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/47363/",
"@id": "SA47363 JustSystems Multiple Products Two Vulnerabilities",
"@source": "SECUNIA"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-189",
"@title": "Numeric Errors(CWE-189)"
}
],
"title": "Multiple JustSystems products vulnerable to buffer overflow"
}
jvndb-2010-000015
Vulnerability from jvndb
Published
2010-04-12 17:17
Modified
2010-04-12 17:17
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
For more information, refer to the developer's website.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000015.html",
"dc:date": "2010-04-12T17:17+09:00",
"dcterms:issued": "2010-04-12T17:17+09:00",
"dcterms:modified": "2010-04-12T17:17+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\nFor more information, refer to the developer\u0027s website.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000015.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000015",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN98467259/index.html",
"@id": "JVN#98467259",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1424",
"@id": "CVE-2010-1424",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1424",
"@id": "CVE-2010-1424",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201004_ichitaro_en.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.ipa.go.jp/security/topics/alert20100419.html",
"@id": "20100419",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/39256/",
"@id": "SA39256",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/39369",
"@id": "39369",
"@source": "BID"
},
{
"#text": "http://www.securitytracker.com/id?1023844",
"@id": "1023844",
"@source": "SECTRACK"
},
{
"#text": "http://www.vupen.com/english/advisories/2010/0854",
"@id": "VUPEN/ADV-2010-0854",
"@source": "VUPEN"
},
{
"#text": "http://osvdb.org/63651",
"@id": "63651",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2010-000053
Vulnerability from jvndb
Published
2010-11-04 19:11
Modified
2010-11-05 16:15
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from JVN#19173793, and other issues that were previously published on JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html",
"dc:date": "2010-11-05T16:15+09:00",
"dcterms:issued": "2010-11-04T19:11+09:00",
"dcterms:modified": "2010-11-05T16:15+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\n\r\nThis vulnerability differs from JVN#19173793, and other issues that were previously published on JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000053.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000053",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN01948274/index.html",
"@id": "JVN#01948274",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3916",
"@id": "CVE-2010-3916",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3916",
"@id": "CVE-2010-3916",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201011_ichitaro_en.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/42099",
"@id": "SA42099",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/44637",
"@id": "44637",
"@source": "BID"
},
{
"#text": "http://www.vupen.com/english/advisories/2010/2885",
"@id": "VUPEN/ADV-2010-2885",
"@source": "VUPEN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}
jvndb-2009-000018
Vulnerability from jvndb
Published
2010-03-23 17:42
Modified
2010-03-23 17:42
Summary
Ichitaro series buffer overflow vulnerability
Details
The "Ichitaro" series word processing software contains a buffer overflow vulnerability.
This vulnerability is different from JVN#29211062, JVN#32981509 and JVN#50495547.
The "Ichitaro" series word processing software, from JustSystems Corporation, contains an issue in the reading of Rich Text Files resulting in a buffer overflow vulnerability. When a user opens a specially crafted file locally or through a website, arbitrary code may be executed with privleges of the user.
Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000018.html",
"dc:date": "2010-03-23T17:42+09:00",
"dcterms:issued": "2010-03-23T17:42+09:00",
"dcterms:modified": "2010-03-23T17:42+09:00",
"description": "The \"Ichitaro\" series word processing software contains a buffer overflow vulnerability.\r\n\r\nThis vulnerability is different from JVN#29211062, JVN#32981509 and JVN#50495547.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation, contains an issue in the reading of Rich Text Files resulting in a buffer overflow vulnerability. When a user opens a specially crafted file locally or through a website, arbitrary code may be executed with privleges of the user.\r\n\r\nYuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000018.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2009-000018",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN33846134/index.html",
"@id": "JVN#33846134",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4737",
"@id": "CVE-2009-4737",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4737",
"@id": "CVE-2009-4737",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/200904_ichitaro_en.html",
"@id": "Security Alert for Security Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/34611/",
"@id": "SA34611",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/34403",
"@id": "34403",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/49739",
"@id": "49739",
"@source": "XF"
},
{
"#text": "http://www.vupen.com/english/advisories/2009/0957",
"@id": "VUPEN/ADV-2009-0957",
"@source": "VUPEN"
},
{
"#text": "http://osvdb.org/53349",
"@id": "53349",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Ichitaro series buffer overflow vulnerability"
}
jvndb-2006-000734
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ichitaro buffer overflow vulnerability
Details
Ichitaro, word-processing software contains a buffer overflow vulnerability.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000734.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Ichitaro, word-processing software contains a buffer overflow vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2006/JVNDB-2006-000734.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2006-000734",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN90815371/index.html",
"@id": "JVN#90815371",
"@source": "JVN"
},
{
"#text": "http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5424",
"@id": "CVE-2006-5424",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-5424",
"@id": "CVE-2006-5424",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/22386/",
"@id": "SA22386",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/20610",
"@id": "20610",
"@source": "BID"
},
{
"#text": "http://www.frsirt.com/english/advisories/2006/4092",
"@id": "FrSIRT/ADV-2006-4092",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-399",
"@title": "Resource Management Errors(CWE-399)"
}
],
"title": "Ichitaro buffer overflow vulnerability"
}
jvndb-2023-000102
Vulnerability from jvndb
Published
2023-10-19 15:16
Modified
2024-05-16 16:44
Severity ?
Summary
Multiple vulnerabilities in JustSystems products
Details
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.
* Use after free (CWE-416) - CVE-2023-34366
* Integer overflow (CWE-190) - CVE-2023-38127
* Access of resource using incompatible type (Type confusion) (CWE-843) - CVE-2023-38128
* Improper validation of array index (CWE-129) - CVE-2023-35126
Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solution through JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000102.html",
"dc:date": "2024-05-16T16:44+09:00",
"dcterms:issued": "2023-10-19T15:16+09:00",
"dcterms:modified": "2024-05-16T16:44+09:00",
"description": "Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.\r\n\r\n * Use after free (CWE-416) - CVE-2023-34366\r\n * Integer overflow (CWE-190) - CVE-2023-38127\r\n * Access of resource using incompatible type (Type confusion) (CWE-843) - CVE-2023-38128\r\n * Improper validation of array index (CWE-129) - CVE-2023-35126\r\n\r\nCisco Talos Security Intelligence \u0026 Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solution through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000102.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_government",
"@product": "JUST Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_office",
"@product": "JUST Office",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_police",
"@product": "JUST Police",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:rakuraku_hagaki",
"@product": "Rakuraku Hagaki",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "1.9",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:L/AC:M/Au:N/C:N/I:N/A:P",
"@version": "2.0"
},
{
"@score": "3.3",
"@severity": "Low",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000102",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN28846531/index.html",
"@id": "JVN#28846531",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-34366",
"@id": "CVE-2023-34366",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-38127",
"@id": "CVE-2023-38127",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-38128",
"@id": "CVE-2023-38128",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-35126",
"@id": "CVE-2023-35126",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-34366",
"@id": "CVE-2023-34366",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38127",
"@id": "CVE-2023-38127",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-38128",
"@id": "CVE-2023-38128",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-35126",
"@id": "CVE-2023-35126",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in JustSystems products"
}
jvndb-2023-000031
Vulnerability from jvndb
Published
2023-04-04 15:22
Modified
2024-05-29 17:32
Severity ?
Summary
Multiple vulnerabilities in JustSystems products
Details
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.
<ul><li>Use After Free (CWE-416) - CVE-2022-43664</li>
<li>Heap-based Buffer Overflow (CWE-122) - CVE-2022-45115</li>
<li>Free of Memory not on the Heap (CWE-590) - CVE-2023-22291</li>
<li>Heap-based Buffer Overflow (CWE-122) - CVE-2023-22660</li></ul>
Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solutions through JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000031.html",
"dc:date": "2024-05-29T17:32+09:00",
"dcterms:issued": "2023-04-04T15:22+09:00",
"dcterms:modified": "2024-05-29T17:32+09:00",
"description": "Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.\r\n\u003cul\u003e\u003cli\u003eUse After Free (CWE-416) - CVE-2022-43664\u003c/li\u003e\r\n\u003cli\u003eHeap-based Buffer Overflow (CWE-122) - CVE-2022-45115\u003c/li\u003e\r\n\u003cli\u003eFree of Memory not on the Heap (CWE-590) - CVE-2023-22291\u003c/li\u003e\r\n\u003cli\u003eHeap-based Buffer Overflow (CWE-122) - CVE-2023-22660\u003c/li\u003e\u003c/ul\u003e\r\nCisco Talos Security Intelligence \u0026 Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solutions through JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000031.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:hanako",
"@product": "Hanako",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:homepage_builder_21",
"@product": "Homepage Builder 21",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_government",
"@product": "JUST Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_office",
"@product": "JUST Office",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:just_police",
"@product": "JUST Police",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:label_mighty",
"@product": "Label Mighty",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:rakuraku_hagaki",
"@product": "Rakuraku Hagaki",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2023-000031",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN79149117/index.html",
"@id": "JVN#79149117",
"@source": "JVN"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-43664",
"@id": "CVE-2022-43664",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2022-45115",
"@id": "CVE-2022-45115",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-22291",
"@id": "CVE-2023-22291",
"@source": "CVE"
},
{
"#text": "https://www.cve.org/CVERecord?id=CVE-2023-22660",
"@id": "CVE-2023-22660",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-43664",
"@id": "CVE-2022-43664",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2022-45115",
"@id": "CVE-2022-45115",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22291",
"@id": "CVE-2023-22291",
"@source": "NVD"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-22660",
"@id": "CVE-2023-22660",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Multiple vulnerabilities in JustSystems products"
}
jvndb-2013-000015
Vulnerability from jvndb
Published
2013-02-26 14:45
Modified
2013-02-26 14:45
Summary
Multiple JustSystems products vulnerable to arbitrary code execution
Details
Multiple products provided by JustSystems Corporation contain a vulnerability that may allow arbitrary code execution.
For more information, refer to the information provided by the developer.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Hanako | |
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000015.html",
"dc:date": "2013-02-26T14:45+09:00",
"dcterms:issued": "2013-02-26T14:45+09:00",
"dcterms:modified": "2013-02-26T14:45+09:00",
"description": "Multiple products provided by JustSystems Corporation contain a vulnerability that may allow arbitrary code execution.\r\n\r\nFor more information, refer to the information provided by the developer.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000015.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:hanako",
"@product": "Hanako",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000015",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN16817324/index.html",
"@id": "JVN#16817324",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0707",
"@id": "CVE-2013-0707",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0707",
"@id": "CVE-2013-0707",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/about/press/20130226.html",
"@id": "Security Alert for Vulnerability in Multiple JustSystems Products",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.symantec.com/connect/blogs/ichitaro-vulnerability-another-zero-day-exploit-wild",
"@id": "Ichitaro Vulnerability: Another Zero-Day Exploit in the Wild | Symantec Connect Community",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Multiple JustSystems products vulnerable to arbitrary code execution"
}
jvndb-2007-000878
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Ichitaro series buffer overflow vulnerability
Details
The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#29211062 and JVN#32981509.
The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| JustSystems Corporation | Ichitaro |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000878.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "The \"Ichitaro\" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#29211062 and JVN#32981509.\r\n\r\nThe \"Ichitaro\" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000878.html",
"sec:cpe": {
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000878",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN50495547/index.html",
"@id": "JVN#50495547",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5687",
"@id": "CVE-2007-5687",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27393",
"@id": "SA27393",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26206",
"@id": "26206",
"@source": "BID"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/3623",
"@id": "FrSIRT/ADV-2007-3623",
"@source": "FRSIRT"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "Ichitaro series buffer overflow vulnerability"
}
jvndb-2017-008629
Vulnerability from jvndb
Published
2017-10-25 12:17
Modified
2018-03-14 14:01
Severity ?
Summary
Memory corruption vulnerability in Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro
Details
Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro contain a memory corruption vulnerability.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-008629.html",
"dc:date": "2018-03-14T14:01+09:00",
"dcterms:issued": "2017-10-25T12:17+09:00",
"dcterms:modified": "2018-03-14T14:01+09:00",
"description": "Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro contain a memory corruption vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-008629.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_pro",
"@product": "Ichitaro Pro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:rakuraku_hagaki",
"@product": "Rakuraku Hagaki",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "5.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2017-008629",
"sec:references": [
{
"#text": "http://jvn.jp/en/vu/JVNVU93703434/index.html",
"@id": "JVNVU#93703434",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10870",
"@id": "CVE-2017-10870",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2017-10870",
"@id": "CVE-2017-10870",
"@source": "NVD"
}
],
"title": "Memory corruption vulnerability in Rakuraku Hagaki and Rakuraku Hagaki Select for Ichitaro"
}
jvndb-2010-000052
Vulnerability from jvndb
Published
2010-11-04 19:10
Modified
2010-11-05 16:15
Summary
Ichitaro series vulnerable to arbitrary code execution
Details
The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.
This vulnerability differs from JVN#01948274, and other issues that were previously published on JVN.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html",
"dc:date": "2010-11-05T16:15+09:00",
"dcterms:issued": "2010-11-04T19:10+09:00",
"dcterms:modified": "2010-11-05T16:15+09:00",
"description": "The \"Ichitaro\" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution.\r\n\r\nThis vulnerability differs from JVN#01948274, and other issues that were previously published on JVN.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000052.html",
"sec:cpe": [
{
"#text": "cpe:/a:justsystems:ichitaro",
"@product": "Ichitaro",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
},
{
"#text": "cpe:/a:justsystems:ichitaro_government",
"@product": "Ichitaro Government",
"@vendor": "JustSystems Corporation",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.3",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000052",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN19173793/index.html",
"@id": "JVN#19173793",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3915",
"@id": "CVE-2010-3915",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3915",
"@id": "CVE-2010-3915",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201011_ichitaro_en.html",
"@id": "Security Alert for Vulnerability in the Ichitaro Series",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/42099",
"@id": "SA42099",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/44637",
"@id": "44637",
"@source": "BID"
},
{
"#text": "http://www.vupen.com/english/advisories/2010/2885",
"@id": "VUPEN/ADV-2010-2885",
"@source": "VUPEN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Ichitaro series vulnerable to arbitrary code execution"
}