Search criteria
8 vulnerabilities by Justsystem
CVE-2017-10870 (GCVE-0-2017-10870)
Vulnerability from cvelistv5 – Published: 2017-11-02 15:00 – Updated: 2024-08-05 17:50
VLAI?
Summary
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
Severity ?
No CVSS data available.
CWE
- Memory Corrution vulnerability
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Justsystem | Rakuraku Hagaki |
Affected:
Rakuraku Hagaki 2018
Affected: Rakuraku Hagaki 2017 Affected: Rakuraku Hagaki 2016 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:50:12.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Rakuraku Hagaki",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Rakuraku Hagaki 2018"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2017"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2016"
}
]
},
{
"product": "Rakuraku Hagaki Select for Ichitaro",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Ichitaro 2017"
},
{
"status": "affected",
"version": "Ichitaro 2016"
},
{
"status": "affected",
"version": "Ichitaro 2015"
},
{
"status": "affected",
"version": "Ichitaro Pro3"
},
{
"status": "affected",
"version": "Ichitaro Pro2"
},
{
"status": "affected",
"version": "Ichitaro Pro"
},
{
"status": "affected",
"version": "Ichitaro 2011"
},
{
"status": "affected",
"version": "Ichitaro Government 8"
},
{
"status": "affected",
"version": "Ichitaro Government 7"
},
{
"status": "affected",
"version": "Ichitaro Government 6"
},
{
"status": "affected",
"version": "Ichitaro 2017 Trial version"
}
]
}
],
"datePublic": "2017-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Memory Corrution vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-02T14:57:01",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2017-10870",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Rakuraku Hagaki",
"version": {
"version_data": [
{
"version_value": "Rakuraku Hagaki 2018"
},
{
"version_value": "Rakuraku Hagaki 2017"
},
{
"version_value": "Rakuraku Hagaki 2016"
}
]
}
},
{
"product_name": "Rakuraku Hagaki Select for Ichitaro",
"version": {
"version_data": [
{
"version_value": "Ichitaro 2017"
},
{
"version_value": "Ichitaro 2016"
},
{
"version_value": "Ichitaro 2015"
},
{
"version_value": "Ichitaro Pro3"
},
{
"version_value": "Ichitaro Pro2"
},
{
"version_value": "Ichitaro Pro"
},
{
"version_value": "Ichitaro 2011"
},
{
"version_value": "Ichitaro Government 8"
},
{
"version_value": "Ichitaro Government 7"
},
{
"version_value": "Ichitaro Government 6"
},
{
"version_value": "Ichitaro 2017 Trial version"
}
]
}
}
]
},
"vendor_name": "Justsystem"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Corrution vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jvn.jp/en/vu/JVNVU93703434/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU93703434/index.html"
},
{
"name": "https://www.justsystems.com/jp/info/js17003.html",
"refsource": "MISC",
"url": "https://www.justsystems.com/jp/info/js17003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2017-10870",
"datePublished": "2017-11-02T15:00:00",
"dateReserved": "2017-07-04T00:00:00",
"dateUpdated": "2024-08-05T17:50:12.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0223 (GCVE-0-2008-0223)
Vulnerability from cvelistv5 – Published: 2008-01-10 23:00 – Updated: 2024-08-07 07:39
VLAI?
Summary
Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:39:34.543Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019168",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0223",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019168",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019168"
},
{
"name": "27153",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27153"
},
{
"name": "http://www.justsystems.com/jp/info/pd8001.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/pd8001.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107"
},
{
"name": "28275",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28275"
},
{
"name": "ADV-2008-0045",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0045"
},
{
"name": "justsystems-jsfc-bo(39501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39501"
},
{
"name": "JVN#08237857",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2308237857/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0223",
"datePublished": "2008-01-10T23:00:00",
"dateReserved": "2008-01-10T00:00:00",
"dateUpdated": "2024-08-07T07:39:34.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6436 (GCVE-0-2007-6436)
Vulnerability from cvelistv5 – Published: 2007-12-18 20:00 – Updated: 2024-08-07 16:02
VLAI?
Summary
Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:37.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/39395"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-121308-3953-99"
},
{
"name": "justsystems-jsgci-bo(39025)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39025"
},
{
"name": "ADV-2007-4213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4213"
},
{
"name": "27992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39395",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/39395"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-121308-3953-99"
},
{
"name": "justsystems-jsgci-bo(39025)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39025"
},
{
"name": "ADV-2007-4213",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4213"
},
{
"name": "27992",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6436",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39395",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/39395"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-121308-3953-99",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-121308-3953-99"
},
{
"name": "justsystems-jsgci-bo(39025)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39025"
},
{
"name": "ADV-2007-4213",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4213"
},
{
"name": "27992",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6436",
"datePublished": "2007-12-18T20:00:00",
"dateReserved": "2007-12-18T00:00:00",
"dateUpdated": "2024-08-07T16:02:37.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5687 (GCVE-0-2007-5687)
Vulnerability from cvelistv5 – Published: 2007-10-28 16:00 – Updated: 2024-08-07 15:39
VLAI?
Summary
Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "justsystems-jstar04-bo(38130)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38130"
},
{
"name": "26206",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26206"
},
{
"name": "27393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27393"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2"
},
{
"name": "JVN#50495547",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2350495547/index.html"
},
{
"name": "JVN#29211062",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2329211062/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3"
},
{
"name": "39394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39394"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystems.com/jp/info/pd7004.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1"
},
{
"name": "justsystems-tjsvda-bo(38129)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38129"
},
{
"name": "ADV-2007-3623",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3623"
},
{
"name": "JVN#32981509",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2332981509/index.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "justsystems-jstar04-bo(38130)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38130"
},
{
"name": "26206",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26206"
},
{
"name": "27393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27393"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2"
},
{
"name": "JVN#50495547",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2350495547/index.html"
},
{
"name": "JVN#29211062",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2329211062/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3"
},
{
"name": "39394",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39394"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystems.com/jp/info/pd7004.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1"
},
{
"name": "justsystems-tjsvda-bo(38129)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38129"
},
{
"name": "ADV-2007-3623",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3623"
},
{
"name": "JVN#32981509",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2332981509/index.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5687",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "justsystems-jstar04-bo(38130)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38130"
},
{
"name": "26206",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26206"
},
{
"name": "27393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27393"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2"
},
{
"name": "JVN#50495547",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2350495547/index.html"
},
{
"name": "JVN#29211062",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2329211062/index.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3"
},
{
"name": "39394",
"refsource": "OSVDB",
"url": "http://osvdb.org/39394"
},
{
"name": "http://www.justsystems.com/jp/info/pd7004.html",
"refsource": "CONFIRM",
"url": "http://www.justsystems.com/jp/info/pd7004.html"
},
{
"name": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1",
"refsource": "MISC",
"url": "http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1"
},
{
"name": "justsystems-tjsvda-bo(38129)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38129"
},
{
"name": "ADV-2007-3623",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3623"
},
{
"name": "JVN#32981509",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2332981509/index.html"
},
{
"name": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5687",
"datePublished": "2007-10-28T16:00:00",
"dateReserved": "2007-10-28T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-4246 (GCVE-0-2007-4246)
Vulnerability from cvelistv5 – Published: 2007-08-08 23:00 – Updated: 2024-08-07 14:46
VLAI?
Summary
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:46:39.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.html"
},
{
"name": "justsystems-unspecified-code-execution(35822)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35822"
},
{
"name": "ADV-2007-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2780"
},
{
"name": "25187",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25187"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99"
},
{
"name": "39393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39393"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd7003.html"
},
{
"name": "26317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26317"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-08-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.html"
},
{
"name": "justsystems-unspecified-code-execution(35822)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35822"
},
{
"name": "ADV-2007-2780",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2780"
},
{
"name": "25187",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25187"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99"
},
{
"name": "39393",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39393"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd7003.html"
},
{
"name": "26317",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26317"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-4246",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.html",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.html"
},
{
"name": "justsystems-unspecified-code-execution(35822)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35822"
},
{
"name": "ADV-2007-2780",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2780"
},
{
"name": "25187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25187"
},
{
"name": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99",
"refsource": "MISC",
"url": "http://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99"
},
{
"name": "39393",
"refsource": "OSVDB",
"url": "http://osvdb.org/39393"
},
{
"name": "http://www.justsystem.co.jp/info/pd7003.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd7003.html"
},
{
"name": "26317",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26317"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-4246",
"datePublished": "2007-08-08T23:00:00",
"dateReserved": "2007-08-08T00:00:00",
"dateUpdated": "2024-08-07T14:46:39.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6400 (GCVE-0-2006-6400)
Vulnerability from cvelistv5 – Published: 2006-12-10 02:00 – Updated: 2024-08-07 20:26
VLAI?
Summary
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.375Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23185"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "JVN#47272891",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23185"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#47272891",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2347272891/index.html"
},
{
"name": "http://www.justsystem.co.jp/info/pd6005.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6005.html"
},
{
"name": "1017336",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017336"
},
{
"name": "ADV-2006-4857",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4857"
},
{
"name": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html",
"refsource": "MISC",
"url": "http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"
},
{
"name": "21445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21445"
},
{
"name": "23185",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23185"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6400",
"datePublished": "2006-12-10T02:00:00",
"dateReserved": "2006-12-09T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.375Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5424 (GCVE-0-2006-5424)
Vulnerability from cvelistv5 – Published: 2006-10-20 17:00 – Updated: 2024-08-07 19:48
VLAI?
Summary
Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:30.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20610",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20610"
},
{
"name": "ichitaro-unspecified-bo(29654)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29654"
},
{
"name": "JVN#90815371",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2390815371/index.html"
},
{
"name": "ADV-2006-4092",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4092"
},
{
"name": "22386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22386"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd6004.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20610",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20610"
},
{
"name": "ichitaro-unspecified-bo(29654)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29654"
},
{
"name": "JVN#90815371",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2390815371/index.html"
},
{
"name": "ADV-2006-4092",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4092"
},
{
"name": "22386",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22386"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd6004.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20610",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20610"
},
{
"name": "ichitaro-unspecified-bo(29654)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29654"
},
{
"name": "JVN#90815371",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2390815371/index.html"
},
{
"name": "ADV-2006-4092",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4092"
},
{
"name": "22386",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22386"
},
{
"name": "http://www.justsystem.co.jp/info/pd6004.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6004.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5424",
"datePublished": "2006-10-20T17:00:00",
"dateReserved": "2006-10-20T00:00:00",
"dateUpdated": "2024-08-07T19:48:30.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4326 (GCVE-0-2006-4326)
Vulnerability from cvelistv5 – Published: 2006-08-24 01:00 – Updated: 2024-08-07 19:06
VLAI?
Summary
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.633Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "21552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21552"
},
{
"name": "ADV-2006-3332",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3332"
},
{
"name": "ichitaro-document-bo(28484)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28484"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99"
},
{
"name": "19550",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19550"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.justsystem.co.jp/info/pd6002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "21552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21552"
},
{
"name": "ADV-2006-3332",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3332"
},
{
"name": "ichitaro-document-bo(28484)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28484"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99"
},
{
"name": "19550",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19550"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.justsystem.co.jp/info/pd6002.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "21552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21552"
},
{
"name": "ADV-2006-3332",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3332"
},
{
"name": "ichitaro-document-bo(28484)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28484"
},
{
"name": "http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.html",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.html"
},
{
"name": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99",
"refsource": "MISC",
"url": "http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99"
},
{
"name": "19550",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19550"
},
{
"name": "http://www.justsystem.co.jp/info/pd6002.html",
"refsource": "CONFIRM",
"url": "http://www.justsystem.co.jp/info/pd6002.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4326",
"datePublished": "2006-08-24T01:00:00",
"dateReserved": "2006-08-23T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.633Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}