5 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-2791

https://notcve.org/view.php?id=CVE-2017-2791

JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application. JustSystems Ichitaro 2016 Trial contiene una vulnerabilidad que existe al tratar de abrir un archivo de PowerPoint especialmente manipulado. • http://www.securityfocus.com/bid/96440 http://www.talosintelligence.com/reports/TALOS-2016-0199 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 0%CPEs: 15EXPL: 0

CVE-2009-4737

https://notcve.org/view.php?id=CVE-2009-4737

Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter." Desbordamiento de búfer basado en pila en JustSystems Corporation Ichitaro v13, desde v2004 hasta v2009, Viewer 2009 v19.0.1.0 y anteriores y otras versiones, permite a atacantes dependientes de contexto ejecutar código arbitrario a través de un fichero de texto enriquecido manipulado (RTF), relacionado con "pvpara ffooter." • http://jvn.jp/en/jp/JVN33846134/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html http://secunia.com/advisories/34611 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407 http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html http://www.justsystems.com/jp/info/js09002.html http://www.osvdb.org/53349 http://www.securityfocus.com/bid/34403 http://www.vupen.com/english/advisories/2009/0957 https://exchange.xforce.ibmcloud&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 5%CPEs: 8EXPL: 0

CVE-2009-1054

https://notcve.org/view.php?id=CVE-2009-1054

Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009. Vulnerabilidad inespecífica en JustSystems Ichitaro v13, de la v2004 hasta la v2008, Lite2, y Ichitaro viewer v5.1.5.0 y anteriores permite a atacantes remotos ejecutar código de forma arbitraria a través de un fichero manipulado, tal y como lo explotaba Trojan.Tarodrop.H en Marzo de 2009. • http://secunia.com/advisories/34405 http://www.justsystems.com/jp/info/js09001.html http://www.securityfocus.com/bid/34138 http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-031608-2424-99 http://www.vupen.com/english/advisories/2009/0769 https://exchange.xforce.ibmcloud.com/vulnerabilities/49280 •

CVSS: 9.3EPSS: 16%CPEs: 10EXPL: 0

CVE-2008-0223

https://notcve.org/view.php?id=CVE-2008-0223

Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file. Un desbordamiento de búfer en JustSystems en la biblioteca JSFC.DLL, como es usado en varios productos de JustSystems como Ichitaro, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo .JTD especialmente diseñado. • http://jvn.jp/jp/JVN%2308237857/index.html http://secunia.com/advisories/28275 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107 http://www.justsystems.com/jp/info/pd8001.html http://www.securityfocus.com/bid/27153 http://www.securitytracker.com/id?1019168 http://www.vupen.com/english/advisories/2008/0045 https://exchange.xforce.ibmcloud.com/vulnerabilities/39501 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 23%CPEs: 8EXPL: 0

CVE-2007-5687

https://notcve.org/view.php?id=CVE-2007-5687

Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL. Múltiples desbordamientos de búfer en la funcionalidad de procesamiento de texto enriquecido en el JustSystems Ichitaro 2004 hasta el 2007, el 11 hasta el 13 y otras versiones, permiten a atacantes remotos ejecutar código de su elección a través de la inserción de (1) un largo en el parámetro pard o (2) un nombre de fuente largo en el campo fcharset0, lo que no es correctamente manejado en el (a) JSTARO4.OCX; o (3) un título largo, lo que no es correctamente manejado por el (b) TJSVDA.DLL. • http://jvn.jp/jp/JVN%2329211062/index.html http://jvn.jp/jp/JVN%2332981509/index.html http://jvn.jp/jp/JVN%2350495547/index.html http://osvdb.org/39394 http://secunia.com/advisories/27393 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2 http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3 http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html http://www.justsystems.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •