CVSS: 10.0EPSS: 0%CPEs: 61EXPL: 0CVE-2022-36344
https://notcve.org/view.php?id=CVE-2022-36344
16 Aug 2022 — An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, ... • https://jvn.jp/en/jp/JVN57073973/index.html • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2017-2154
https://notcve.org/view.php?id=CVE-2017-2154
28 Apr 2017 — Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. Una vulnerabilidad de ruta (path) de búsqueda no confiable en Hanako 2017, Hanako 20... • https://jvn.jp/en/jp/JVN54268888/index.html • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2012-1242
https://notcve.org/view.php?id=CVE-2012-1242
27 Apr 2012 — Untrusted search path vulnerability in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, and oreplug allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de busqueda de ruta no comprobada en JustSystems Ichitaro v2011 Sou, Ichitaro v2006 hasta v2011, Ichitaro Government v2006 hasta v2010, ... • http://jvn.jp/en/jp/JVN95378720/index.html •
CVSS: 9.3EPSS: 10%CPEs: 32EXPL: 0CVE-2012-0269
https://notcve.org/view.php?id=CVE-2012-0269
27 Apr 2012 — Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitra... • http://jvn.jp/en/jp/JVN09619876/index.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •