CVE-2006-4326
published 2006-08-24CVE-2006-4326: Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before…
PriorityP265high7.5CVSS 2.0
AVNACLAuNCPIPAP
ITWVulnCheck KEV
Exploited in the wild
EPSS
4.47%
90.3th percentile
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro | — | — |
| justsystem | ichitaro_government | — | — |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q4wq-xr94-wjhg: Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2006-5424 [HIGH] GHSA-q4wq-xr94-wjhg: Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a
Unspecified vulnerability in Justsystem Ichitaro 2006, 2006 trial version, and Government 2006 allows remote attackers to execute arbitrary code via a modified document, possibly because of a buffer overflow, a different vulnerability than CVE-2006-4326.
GHSA
GHSA-97j3-hcxr-rx9m: Stack-based buffer overflow in Justsystem Ichitaro 9
ghsa_unreviewed·2022-05-01
CVE-2006-4326 [HIGH] CWE-119 GHSA-97j3-hcxr-rx9m: Stack-based buffer overflow in Justsystem Ichitaro 9
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
GHSA
GHSA-r8m8-h626-xgw4: Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-4246 [HIGH] GHSA-r8m8-h626-xgw4: Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
VulnCheck
Justsystem Ichitaro 2007 and earlier Remote Code Execution
vulncheck·2007·CVSS 7.5
CVE-2007-4246 [HIGH] Justsystem Ichitaro 2007 and earlier Remote Code Execution
Justsystem Ichitaro 2007 and earlier Remote Code Execution
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
Affected: justsystem ichitaro
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.justsystems.com/jp/corporate/info/pd7003.html
VulnCheck
justsystem formliner Improper Restriction of Operations within the Bounds of a Memory Buffer
vulncheck·2006·CVSS 7.5
CVE-2006-4326 [HIGH] justsystem formliner Improper Restriction of Operations within the Bounds of a Memory Buffer
justsystem formliner Improper Restriction of Operations within the Bounds of a Memory Buffer
Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Affected: justsystem formliner
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.justsystems.com/jp/corporate/info/pd6002.html
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/21552http://www.justsystem.co.jp/info/pd6002.htmlhttp://www.securityfocus.com/bid/19550http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.htmlhttp://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99http://www.vupen.com/english/advisories/2006/3332https://exchange.xforce.ibmcloud.com/vulnerabilities/28484http://secunia.com/advisories/21552http://www.justsystem.co.jp/info/pd6002.htmlhttp://www.securityfocus.com/bid/19550http://www.symantec.com/enterprise/security_response/weblog/2006/08/justsystems_ichitaro_0day_used.htmlhttp://www.symantec.com/enterprise/security_response/writeup.jsp?docid=2006-081615-5201-99http://www.vupen.com/english/advisories/2006/3332https://exchange.xforce.ibmcloud.com/vulnerabilities/28484
2006-08-24
Published
Exploited in the wild