CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
78.0%
Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to “pvpara ffooter.”
Vendor | Product | Version | CPE |
---|---|---|---|
justsystems | ichitaro | 13 | cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:* |
justsystems | ichitaro | 2004 | cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:* |
justsystems | ichitaro | 2005 | cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:* |
justsystems | ichitaro | 2006 | cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:* |
justsystems | ichitaro | 2006 | cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:* |
justsystems | ichitaro | 2007 | cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:* |
justsystems | ichitaro | 2007 | cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:* |
justsystems | ichitaro | 2008 | cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:* |
justsystems | ichitaro | 2008 | cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:* |
justsystems | ichitaro | 2009 | cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:* |
jvn.jp/en/jp/JVN33846134/index.html
jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html
secunia.com/advisories/34611
www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407
www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html
www.justsystems.com/jp/info/js09002.html
www.osvdb.org/53349
www.securityfocus.com/bid/34403
www.vupen.com/english/advisories/2009/0957
exchange.xforce.ibmcloud.com/vulnerabilities/49739