Vulnerabilities > Justsystems

DATE CVE VULNERABILITY TITLE RISK
2017-11-02 CVE-2017-10870 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Justsystems products
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
6.8
2017-04-28 CVE-2017-2154 Improper Input Validation vulnerability in Justsystems products
Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
6.8
2017-02-24 CVE-2017-2791 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Justsystems Ichitaro 2016
JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file.
6.8
2017-02-24 CVE-2017-2790 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Justsystems Ichitaro
When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and uses this result as the size for a memcpy.
network
low complexity
justsystems CWE-119
7.5
2017-02-24 CVE-2017-2789 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Justsystems Ichitaro
When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document.
network
low complexity
justsystems CWE-119
7.5
2014-11-26 CVE-2014-7247 Data Processing Errors vulnerability in Justsystems Ichitaro and Ichitaro PRO
Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and 2010; Ichitaro Pro; Ichitaro Pro 2; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen; and Ichitaro 2014 Tetsu allows remote attackers to execute arbitrary code via a crafted file.
network
low complexity
justsystems CWE-19
critical
10.0
2014-06-16 CVE-2014-2003 Improper Input Validation vulnerability in Justsystems Ichitaro and Just Online Update
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.
network
high complexity
justsystems CWE-20
7.6
2014-01-29 CVE-2014-0810 Remote Code Execution vulnerability in JustSystems Sanshiro Products
Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5, 2009 before update 6, and 2010 before update 6, and Sanshiro Viewer before 2.0.2.0, allows remote attackers to execute arbitrary code via a crafted document.
network
low complexity
justsystems
7.5
2013-11-13 CVE-2013-5990 Remote Code Execution vulnerability in Multiple Ichitaro Products
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.
network
justsystems
critical
9.3
2013-06-18 CVE-2013-3644 Remote Code Execution vulnerability in Multiple Ichitaro Products
Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.
network
low complexity
justsystems
critical
10.0