CVE-2007-4246
published 2007-08-08CVE-2007-4246: Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified…
PriorityP268medium6.8CVSS 2.0
AVNACMAuNCPIPAP
ITWVulnCheck KEV
Exploited in the wild
EPSS
3.08%
86.0th percentile
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| justsystem | ichitaro | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vulncheck7.5HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-r8m8-h626-xgw4: Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2007-4246 [HIGH] GHSA-r8m8-h626-xgw4: Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
VulnCheck
Justsystem Ichitaro 2007 and earlier Remote Code Execution
vulncheck·2007·CVSS 7.5
CVE-2007-4246 [HIGH] Justsystem Ichitaro 2007 and earlier Remote Code Execution
Justsystem Ichitaro 2007 and earlier Remote Code Execution
Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), a different vulnerability than CVE-2006-4326, CVE-2006-5424, CVE-2006-6400, and CVE-2007-1938.
Affected: justsystem ichitaro
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.justsystems.com/jp/corporate/info/pd7003.html
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/39393http://secunia.com/advisories/26317http://www.justsystem.co.jp/info/pd7003.htmlhttp://www.securityfocus.com/bid/25187http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.htmlhttp://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99http://www.vupen.com/english/advisories/2007/2780https://exchange.xforce.ibmcloud.com/vulnerabilities/35822http://osvdb.org/39393http://secunia.com/advisories/26317http://www.justsystem.co.jp/info/pd7003.htmlhttp://www.securityfocus.com/bid/25187http://www.symantec.com/enterprise/security_response/weblog/2007/08/unknown_exploit_compromises_ic.htmlhttp://www.symantec.com/security_response/writeup.jsp?docid=2007-080210-4815-99http://www.vupen.com/english/advisories/2007/2780https://exchange.xforce.ibmcloud.com/vulnerabilities/35822
2007-08-08
Published
Exploited in the wild