CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2007-1938
https://notcve.org/view.php?id=CVE-2007-1938
Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting (XSS). Ichitaro 2005 hasta 2007, y posiblemente productos relacionados, permite a atacantes remotos tener un impacto desconocido por medio de vectores no especificados en un documento distribuido por medio de correo electrónico o un sitio web, posiblemente debido a un desbordamiento de búfer o a un problema de tipo cross-site scripting (XSS). • http://osvdb.org/34759 http://secunia.com/advisories/24780 http://vil.mcafeesecurity.com/vil/content/v_141950.htm http://www.justsystem.co.jp/info/pd7002.html http://www.securityfocus.com/bid/23386 http://www.securitytracker.com/id?1017887 http://www.vupen.com/english/advisories/2007/1287 https://exchange.xforce.ibmcloud.com/vulnerabilities/33507 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 18%CPEs: 11EXPL: 0CVE-2006-6400
https://notcve.org/view.php?id=CVE-2006-6400
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields. Desbordamiento de búfer en JustSystems Hanako 2004 hasta 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, y Sanshiro 2005 permite a atacantes remotos ejecutar código de su elección mediante los campos (1) Keyword y (2) Title, relativos a campos de longitud de cadenas. • http://jvn.jp/jp/JVN%2347272891/index.html http://secunia.com/advisories/23185 http://securitytracker.com/id?1017336 http://www.justsystem.co.jp/info/pd6005.html http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html http://www.securityfocus.com/bid/21445 http://www.vupen.com/english/advisories/2006/4857 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.1EPSS: 10%CPEs: 3EXPL: 0CVE-2006-5424
https://notcve.org/view.php?id=CVE-2006-5424
Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326. Vulnerabilidad no especificada en Justsystem Ichitaro 2006, 2006 trial version, y Government 2006 permite a un atacante remoto ejecutar código de su elección a través de un documento modificado, posiblemente a causa de un desbordamiento de búfer, una vulnerabilidad diferentes que CVE-2006-4326. • http://jvn.jp/jp/JVN%2390815371/index.html http://secunia.com/advisories/22386 http://www.justsystem.co.jp/info/pd6004.html http://www.securityfocus.com/bid/20610 http://www.vupen.com/english/advisories/2006/4092 https://exchange.xforce.ibmcloud.com/vulnerabilities/29654 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 30%CPEs: 10EXPL: 0CVE-2006-4326
https://notcve.org/view.php?id=CVE-2006-4326
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information. Desbordamiento de búfer basado en pila en Justsystem Ichitaro 9.x hasta 13.x, Ichitaro 2004, 2005, 2006, y Government 2006; Ichitaro para Linux; y FormLiner anterior al 18/08/2006 permite a ataacntes remotos ejecutar código de su elección mediante cadenas Unicode largas en un documento manipulado, tal y como está siendo explotado activamente por software malicioso como Trojan.Tarodrop. NOTA: algunos detalles se han obtenido de información de terceros. • http://secunia.com/advisories/21552 http://www.justsystem.co.jp/info/pd6002.html http://www.securityfocus.com/bid/19550 http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.html http://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99 http://www.vupen.com/english/advisories/2006/3332 https://exchange.xforce.ibmcloud.com/vulnerabilities/28484 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •