CVE-2011-1331
https://notcve.org/view.php?id=CVE-2011-1331
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011. JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro portátil, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap ) a través de un documento manipulado, como se exploto a principios de 2011. • http://jvn.jp/en/jp/JVN87239473/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043 http://secunia.com/advisories/44956 http://www.justsystems.com/jp/info/js11001.html http://www.securityfocus.com/bid/48283 http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/68072 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-1054
https://notcve.org/view.php?id=CVE-2009-1054
Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009. Vulnerabilidad inespecífica en JustSystems Ichitaro v13, de la v2004 hasta la v2008, Lite2, y Ichitaro viewer v5.1.5.0 y anteriores permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero manipulado, tal y como lo explotaba Trojan.Tarodrop.H en Marzo de 2009. • http://secunia.com/advisories/34405 http://www.justsystems.com/jp/info/js09001.html http://www.securityfocus.com/bid/34138 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-031608-2424-99 http://www.vupen.com/english/advisories/2009/0769 https://exchange.xforce.ibmcloud.com/vulnerabilities/49280 •
CVE-2006-6400
https://notcve.org/view.php?id=CVE-2006-6400
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields. Desbordamiento de búfer en JustSystems Hanako 2004 hasta 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, y Sanshiro 2005 permite a atacantes remotos ejecutar código de su elección mediante los campos (1) Keyword y (2) Title, relativos a campos de longitud de cadenas. • http://jvn.jp/jp/JVN%2347272891/index.html http://secunia.com/advisories/23185 http://securitytracker.com/id?1017336 http://www.justsystem.co.jp/info/pd6005.html http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html http://www.securityfocus.com/bid/21445 http://www.vupen.com/english/advisories/2006/4857 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •