CVE-2012-1242
https://notcve.org/view.php?id=CVE-2012-1242
Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, únicamente School, únicamente School v2009 y v2010, unicamente Jump 4, unicamente Frontier, y oreplug que permite a usuarios locales obtener privilegios a traves de un DLL troyanizado en el directorio actual de trabajo. • http://jvn.jp/en/jp/JVN95378720/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000034 http://osvdb.org/81472 http://www.justsystems.com/jp/info/js12001.html •
CVE-2012-0269
https://notcve.org/view.php?id=CVE-2012-0269
Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file. Desbordamiento de buffer en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, Ichitaro Portable con oreplug, Ichitaro Viewer, únicamente School, únicamente School v2009 y v2010, únicamente Jump v4, únicamente Frontier, oreplug, Shuriken Pro4, Shuriken v2007 hasta v2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 hasta CE/2009 Corporate Edition, Shuriken v2010 Corporate Edition, Rekishimail Sengokubusho no missho, y Bakumatsushishi no missho que permite a atacantes remotos ejecutar código de su elección mediante un fichero de imagen modificado. • http://jvn.jp/en/jp/JVN09619876/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035 http://www.justsystems.com/jp/info/js12001.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1331
https://notcve.org/view.php?id=CVE-2011-1331
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011. JustSystems Ichitaro v2005 hasta v2011, Ichitaro Government v6, Ichitaro Gobierno de v2006 a v2010, Ichitaro portátil, Ichitaro Pro, y el Visor de Ichitaro permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria heap ) a través de un documento manipulado, como se exploto a principios de 2011. • http://jvn.jp/en/jp/JVN87239473/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043 http://secunia.com/advisories/44956 http://www.justsystems.com/jp/info/js11001.html http://www.securityfocus.com/bid/48283 http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability https://exchange.xforce.ibmcloud.com/vulnerabilities/68072 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-2152
https://notcve.org/view.php?id=CVE-2010-2152
Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document. Vulnerabilidad sin expecificar de JustSystems Ichitaro 2004 hasta 2009, Ichitaro Government 2006 hasta 2009, y Just School 2008 y 2009 permite a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos relacionado con "el procesamiento de los atributos de las características de un producto" para un documento. • http://jvn.jp/en/jp/JVN17293765/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html http://osvdb.org/65050 http://secunia.com/advisories/40008 http://www.ipa.go.jp/about/press/20100601.html http://www.justsystems.com/jp/info/js10002.html http://www.securityfocus.com/bid/40472 http://www.vupen.com/english/advisories/2010/1283 https://exchange.xforce.ibmcloud.com/vulnerabilities/59037 •
CVE-2010-1424
https://notcve.org/view.php?id=CVE-2010-1424
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file. Vulnerabilidad no especificada en JustSystems Ichitaro y Ichitaro Government v2006 hasta v2010 permite a atacantes asistidos por usuarios remotamente ejecutar código de su elección a través de un fichero de fuentes modificado. • http://jvn.jp/en/jp/JVN98467259/index.html http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.html http://osvdb.org/63651 http://secunia.com/advisories/39256 http://www.justsystems.com/jp/info/js10001.html http://www.securitytracker.com/id?1023844 http://www.vupen.com/english/advisories/2010/0854 •