CVSS: 10.0EPSS: 2%CPEs: 16EXPL: 0CVE-2014-7247
https://notcve.org/view.php?id=CVE-2014-7247
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file. Vulnerabilidad no especificada en JustSystems Ichitaro 2008 hasta 2011; Ichitaro Government 6, 7, 2008, 2009, y 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; y Ichitaro 2014 Tetsu permite a atacantes remotos ejecutar código arbitrario a través de un fichero manipulado. • http://jvn.jp/en/jp/JVN16318793/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 http://www.justsystems.com/jp/info/js14003.html • CWE-19: Data Processing Errors •
CVSS: 7.6EPSS: 3%CPEs: 24EXPL: 0CVE-2014-2003
https://notcve.org/view.php?id=CVE-2014-2003
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature. JustSystems JUST Online Update, utilizado en Ichitaro hasta 2014 y otros productos, no valida debidamente firmas de módulos de actualización, lo que permite a atacantes remotos falsificar módulos y ejecutar código arbitrario a través de una firma manipulada. • http://jvn.jp/en/jp/JVN50129191/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053 http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html http://www.justsystems.com/jp/info/js14002.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 4%CPEs: 22EXPL: 0CVE-2013-5990
https://notcve.org/view.php?id=CVE-2013-5990
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document. Vulnerabilidad no especificada en JustSystems Ichitaro hasta la versión 2011; Ichitaro Government 6, 7, y 2006 hasta la versión 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen y Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 y Pro 2 Trial Edition; Ichitaro Viewer; e Ichitaro Portable con oreplug permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado. • http://jvn.jp/en/jp/JVN44999463/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000103 http://www.justsystems.com/jp/info/js13003.html •
CVSS: 10.0EPSS: 7%CPEs: 18EXPL: 0CVE-2013-3644
https://notcve.org/view.php?id=CVE-2013-3644
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document. Vulnerabilidad sin especificar en JustSystems Ichitaro 2006 a la 2013; Ichitaro Pro a la 2; Ichitaro Government 6, 7, y 2006 a la 2010; Ichitaro Portable con oreplug; Ichitaro Viewer; y Ichitaro JUST School a la 2010, permite a atacantes remotos ejecutar código arbitrario a través de un documento manipulado. • http://jvn.jp/en/jp/JVN98712361/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058 http://www.justsystems.com/jp/info/js13002.html •
CVSS: 9.3EPSS: 4%CPEs: 21EXPL: 1CVE-2011-1331
https://notcve.org/view.php?id=CVE-2011-1331
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011. JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro portátil, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap ) a través de un documento manipulado, como se exploto a principios de 2011. • http://jvn.jp/en/jp/JVN87239473/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043 http://secunia.com/advisories/44956 http://www.justsystems.com/jp/info/js11001.html http://www.securityfocus.com/bid/48283 http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/68072 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •