CVE-2006-6400
Summary
| CVE | CVE-2006-6400 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-12-10 02:28:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
NetworkAccess Complexity
MediumAuthentication
NoneConfidentiality
PartialIntegrity
PartialAvailability
PartialAV:N/AC:M/Au:N/C:P/I:P/A:P
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Justsystem | Hanako | 2004 | All | All | All |
| Application | Justsystem | Hanako | 2005 | All | All | All |
| Application | Justsystem | Hanako | 2006 | All | All | All |
| Application | Justsystem | Hanako Viewer | 1.0 | All | All | All |
| Application | Justsystem | Ichitaro | All | All | All | All |
| Application | Justsystem | Ichitaro | 2005 | All | All | All |
| Application | Justsystem | Ichitaro | 2006 | All | All | All |
| Application | Justsystem | Ichitaro Lite2 | All | All | All | All |
| Application | Justsystem | Ichitaro Lite2 | r2 | All | All | All |
| Application | Justsystem | Ichitaro Viewer | 4.0 | All | All | All |
| Application | Justsystem | Sanshiro | 2005 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| JVN#47272891: 花子におけるバッファオーバーフローの脆弱性 | af854a3a-2127-422b-91ae-364da2661108 | jvn.jp | |
| 「一太郎/花子/三四郎」を安心してお使いいただくために (update: 2006.12.19) | お知らせ | ジャストシステム | af854a3a-2127-422b-91ae-364da2661108 | www.justsystem.co.jp | |
| セキュリティ対策のラック|情報を守るセキュリティ対策のパイオニア | af854a3a-2127-422b-91ae-364da2661108 | www.lac.co.jp | Patch, Vendor Advisory |
| JustSystems Multiple Products Unspecified Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| JustSystems Multiple Products Buffer Overflow Vulnerability - Advisories - Secunia | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Hanako File Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | securitytracker.com | |
| JVN:JVN#47272891 | MITRE | jvn.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.