Vulnerabilities > CVE-2009-4738 - Local Privilege Escalation vulnerability in Justsystems Atok, Atok Flat-Rate Service and Just Smile

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

justsystems

NVD

Published: 2013-01-18

Updated: 2013-01-29

Summary

Unspecified vulnerability in JustSystems Corporation ATOK 2006 through 2009 and ATOK flat-rate service, and Just Smile 4 with the ATOK Smile module, allows physically proximate users to bypass the screen lock and execute commands with system privileges via unknown vectors related to "launching external applications."

Vulnerable Configurations

Part	Description	Count
Application	Justsystems Justsystems Atok 2006 Justsystems Atok 2007 Justsystems Atok 2008 Justsystems Atok 2009 Justsystems Atok Flat Rate Service - Justsystems Just Smile 4	6

References

http://jvn.jp/en/jp/JVN57040664/index.html
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000057.html
http://secunia.com/advisories/36560
http://www.justsystems.com/jp/info/js09003.html
http://www.securityfocus.com/bid/36220