CVE-2006-4326
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Desbordamiento de búfer basado en pila en Justsystem Ichitaro 9.x hasta 13.x, Ichitaro 2004, 2005, 2006, y Government 2006; Ichitaro para Linux; y FormLiner anterior al 18/08/2006 permite a ataacntes remotos ejecutar código de su elección mediante cadenas Unicode largas en un documento manipulado, tal y como está siendo explotado activamente por software malicioso como Trojan.Tarodrop. NOTA: algunos detalles se han obtenido de información de terceros.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-08-23 CVE Reserved
- 2006-08-24 CVE Published
- 2023-05-20 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.justsystem.co.jp/info/pd6002.html | 2017-07-20 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/21552 | 2017-07-20 | |
| http://www.vupen.com/english/advisories/2006/3332 | 2017-07-20 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Justsystem Search vendor "Justsystem" | Formliner Search vendor "Justsystem" for product "Formliner" | * | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 9.0 Search vendor "Justsystem" for product "Ichitaro" and version "9.0" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 10.0 Search vendor "Justsystem" for product "Ichitaro" and version "10.0" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 11.0 Search vendor "Justsystem" for product "Ichitaro" and version "11.0" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 12.0 Search vendor "Justsystem" for product "Ichitaro" and version "12.0" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 13.0 Search vendor "Justsystem" for product "Ichitaro" and version "13.0" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 2004 Search vendor "Justsystem" for product "Ichitaro" and version "2004" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 2005 Search vendor "Justsystem" for product "Ichitaro" and version "2005" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Search vendor "Justsystem" for product "Ichitaro" | 2006 Search vendor "Justsystem" for product "Ichitaro" and version "2006" | - |
Affected
| ||||||
| Justsystem Search vendor "Justsystem" | Ichitaro Government Search vendor "Justsystem" for product "Ichitaro Government" | 2006 Search vendor "Justsystem" for product "Ichitaro Government" and version "2006" | - |
Affected
| ||||||