Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2012-0269

Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and 2010, JUST Jump 4, JUST Frontier, oreplug, Shuriken Pro4, Shuriken 2007 through 2010, Shuriken Pro4 Corporate Edition, Shuriken CE/2007 through CE/2009 Corporate Edition, Shuriken 2010 Corporate Edition, Rekishimail Sengokubusho no missho, and Bakumatsushishi no missho allows remote attackers to execute arbitrary code via a crafted image file.

Published

2012-04-27T18:55:00.937

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	justsystems	ichitaro	2006	Yes
Application	justsystems	ichitaro	2006	Yes
Application	justsystems	ichitaro	2007	Yes
Application	justsystems	ichitaro	2007	Yes
Application	justsystems	ichitaro	2008	Yes
Application	justsystems	ichitaro	2008	Yes
Application	justsystems	ichitaro	2009	Yes
Application	justsystems	ichitaro	2009	Yes
Application	justsystems	ichitaro	2010	Yes
Application	justsystems	ichitaro	2010	Yes
Application	justsystems	ichitaro	2011	Yes
Application	justsystems	ichitaro	2011	Yes
Application	justsystems	ichitaro_portable_with_oreplug	-	Yes
Application	justsystems	ichitaro_viewer	-	Yes
Application	justsystems	just_frontier	-	Yes
Application	justsystems	just_jump	4	Yes
Application	justsystems	just_school	-	Yes
Application	justsystems	just_school	2009	Yes
Application	justsystems	just_school	2010	Yes
Application	justsystems	oreplug	-	Yes
Application	justsystems	rekishimail_bakumatsushishi_no_missho	-	Yes
Application	justsystems	rekishimail_sengokubusho_no_missho	-	Yes
Application	justsystems	shuriken	2007	Yes
Application	justsystems	shuriken	2007	Yes
Application	justsystems	shuriken	2008	Yes
Application	justsystems	shuriken	2008	Yes
Application	justsystems	shuriken	2009	Yes
Application	justsystems	shuriken	2009	Yes
Application	justsystems	shuriken	2010	Yes
Application	justsystems	shuriken	2010	Yes
Application	justsystems	shuriken_pro	4	Yes
Application	justsystems	shuriken_pro	4	Yes

References

http://jvn.jp/en/jp/JVN09619876/index.html ([email protected])
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035 ([email protected])
http://www.justsystems.com/jp/info/js12001.html Vendor Advisory ([email protected])
http://jvn.jp/en/jp/JVN09619876/index.html (af854a3a-2127-422b-91ae-364da2661108)
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000035 (af854a3a-2127-422b-91ae-364da2661108)
http://www.justsystems.com/jp/info/js12001.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)