CVSS: 10.0EPSS: 2%CPEs: 16EXPL: 0CVE-2014-7247
https://notcve.org/view.php?id=CVE-2014-7247
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file. Vulnerabilidad no especificada en JustSystems Ichitaro 2008 hasta 2011; Ichitaro Government 6, 7, 2008, 2009, y 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; y Ichitaro 2014 Tetsu permite a atacantes remotos ejecutar código arbitrario a través de un fichero manipulado. • http://jvn.jp/en/jp/JVN16318793/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000131 http://www.justsystems.com/jp/info/js14003.html • CWE-19: Data Processing Errors •
CVSS: 7.6EPSS: 3%CPEs: 24EXPL: 0CVE-2014-2003
https://notcve.org/view.php?id=CVE-2014-2003
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature. JustSystems JUST Online Update, utilizado en Ichitaro hasta 2014 y otros productos, no valida debidamente firmas de módulos de actualización, lo que permite a atacantes remotos falsificar módulos y ejecutar código arbitrario a través de una firma manipulada. • http://jvn.jp/en/jp/JVN50129191/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2014-000053 http://www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html http://www.justsystems.com/jp/info/js14002.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 15EXPL: 0CVE-2009-4737
https://notcve.org/view.php?id=CVE-2009-4737
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter." Desbordamiento de búfer basado en pila en JustSystems Corporation Ichitaro v13, desde v2004 hasta v2009, Viewer 2009 v19.0.1.0 y anteriores y otras versiones, permite a atacantes dependientes de contexto ejecutar código arbitrario a través de un fichero de texto enriquecido manipulado (RTF), relacionado con "pvpara ffooter." • http://jvn.jp/en/jp/JVN33846134/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html http://secunia.com/advisories/34611 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407 http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html http://www.justsystems.com/jp/info/js09002.html http://www.osvdb.org/53349 http://www.securityfocus.com/bid/34403 http://www.vupen.com/english/advisories/2009/0957 https://exchange.xforce.ibmcloud&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 5%CPEs: 8EXPL: 0CVE-2009-1054
https://notcve.org/view.php?id=CVE-2009-1054
Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009. Vulnerabilidad inespecífica en JustSystems Ichitaro v13, de la v2004 hasta la v2008, Lite2, y Ichitaro viewer v5.1.5.0 y anteriores permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero manipulado, tal y como lo explotaba Trojan.Tarodrop.H en Marzo de 2009. • http://secunia.com/advisories/34405 http://www.justsystems.com/jp/info/js09001.html http://www.securityfocus.com/bid/34138 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-031608-2424-99 http://www.vupen.com/english/advisories/2009/0769 https://exchange.xforce.ibmcloud.com/vulnerabilities/49280 •
CVSS: 9.3EPSS: 16%CPEs: 10EXPL: 0CVE-2008-0223
https://notcve.org/view.php?id=CVE-2008-0223
Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. Un desbordamiento de búfer en JustSystems en la biblioteca JSFC.DLL, como es usado en varios productos de JustSystems como Ichitaro, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo .JTD especialmente diseñado. • http://jvn.jp/jp/JVN%2308237857/index.html http://secunia.com/advisories/28275 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107 http://www.justsystems.com/jp/info/pd8001.html http://www.securityfocus.com/bid/27153 http://www.securitytracker.com/id?1019168 http://www.vupen.com/english/advisories/2008/0045 https://exchange.xforce.ibmcloud.com/vulnerabilities/39501 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •