Lucene search

MitreCVE-2008-0223

HistoryJan 10, 2008 - 11:46 p.m.

CVE-2008-0223

2008-01-1023:46:00

CWE-119

mitre

web.nvd.nist.gov

justsystems

jsfc.dll

buffer overflow

remote code execution

security vulnerability

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.198

Percentile

96.4%

JSON

Buffer overflow in JustSystems JSFC.DLL, as used in multiple JustSystems products such as Ichitaro, allows remote attackers to execute arbitrary code via a crafted .JTD file.

Affected configurations

Nvd

Node

justsystemichitaroMatch11.0

justsystemichitaroMatch12.0

justsystemichitaroMatch13.0

justsystemichitaroMatch2004

justsystemichitaroMatch2005

justsystemichitaroMatch2006

justsystemichitaroMatch2007

justsystemichitaroMatchlinux

justsystemichitaro_lite2

justsystemichitaro_viewer

VendorProductVersionCPE
justsystemichitaro11.0cpe:2.3:a:justsystem:ichitaro:11.0:*:*:*:*:*:*:*
justsystemichitaro12.0cpe:2.3:a:justsystem:ichitaro:12.0:*:*:*:*:*:*:*
justsystemichitaro13.0cpe:2.3:a:justsystem:ichitaro:13.0:*:*:*:*:*:*:*
justsystemichitaro2004cpe:2.3:a:justsystem:ichitaro:2004:*:*:*:*:*:*:*
justsystemichitaro2005cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*
justsystemichitaro2006cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*
justsystemichitaro2007cpe:2.3:a:justsystem:ichitaro:2007:*:*:*:*:*:*:*
justsystemichitarolinuxcpe:2.3:a:justsystem:ichitaro:linux:*:*:*:*:*:*:*
justsystemichitaro_lite2*cpe:2.3:a:justsystem:ichitaro_lite2:*:*:*:*:*:*:*:*
justsystemichitaro_viewer*cpe:2.3:a:justsystem:ichitaro_viewer:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
justsystem	ichitaro	11.0	cpe:2.3:a:justsystem:ichitaro:11.0:::::::*
justsystem	ichitaro	12.0	cpe:2.3:a:justsystem:ichitaro:12.0:::::::*
justsystem	ichitaro	13.0	cpe:2.3:a:justsystem:ichitaro:13.0:::::::*
justsystem	ichitaro	2004	cpe:2.3:a:justsystem:ichitaro:2004:::::::*
justsystem	ichitaro	2005	cpe:2.3:a:justsystem:ichitaro:2005:::::::*
justsystem	ichitaro	2006	cpe:2.3:a:justsystem:ichitaro:2006:::::::*
justsystem	ichitaro	2007	cpe:2.3:a:justsystem:ichitaro:2007:::::::*
justsystem	ichitaro	linux	cpe:2.3:a:justsystem:ichitaro:linux:::::::*
justsystem	ichitaro_lite2	*	cpe:2.3:a:justsystem:ichitaro_lite2::::::::
justsystem	ichitaro_viewer	*	cpe:2.3:a:justsystem:ichitaro_viewer::::::::

References

jvn.jp/jp/JVN%2308237857/index.html

secunia.com/advisories/28275

www.fourteenforty.jp/research/advisory.cgi?FFRRA-20080107

www.justsystems.com/jp/info/pd8001.html

www.securityfocus.com/bid/27153

www.securitytracker.com/id?1019168

www.vupen.com/english/advisories/2008/0045

exchange.xforce.ibmcloud.com/vulnerabilities/39501

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.198

Percentile

96.4%

JSON

Related for CVE-2008-0223