CVE-2023-39341
Summary
| CVE | CVE-2023-39341 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2023-08-09 03:15:00 UTC |
| Updated | 2023-11-07 04:17:00 UTC |
| Description | "FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, which may lead to denial-of-service (DoS) condition. Affected products and versions are as follows: FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0, FFRI yarai Home and Business Edition version 1.4.0, InfoTrace Mark II Malware Protection (Mark II Zerona) versions 3.0.1 to 3.2.2, Zerona / Zerona PLUS versions 3.2.32 to 3.2.36, ActSecure χ versions 3.4.0 to 3.4.6 and 3.5.0, Dual Safe Powered by FFRI yarai version 1.4.1, EDR Plus Pack (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0), and EDR Plus Pack Cloud (Bundled FFRI yarai versions 3.4.0 to 3.4.6 and 3.5.0). |
Risk And Classification
Problem Types: CWE-755
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ffri | Dual Safe | 1.4.1 | All | All | All |
| Application | Ffri | Ffri Yarai | 1.4.0 | All | All | All |
| Application | Ffri | Ffri Yarai | 3.5.0 | All | All | All |
| Application | Ffri | Ffri Yarai | All | All | All | All |
| Application | Nec | Actsecure X Managed Security Service | 3.5.0 | All | All | All |
| Application | Nec | Actsecure X Managed Security Service | All | All | All | All |
| Application | Skygroup | Edr Plus Pack | 3.5.0 | All | All | All |
| Application | Skygroup | Edr Plus Pack | All | All | All | All |
| Application | Skygroup | Edr Plus Pack Cloud | 3.5.0 | All | All | All |
| Application | Skygroup | Edr Plus Pack Cloud | All | All | All | All |
| Application | Soliton | Infotrace Mark Ii Malware Protection | All | All | All | All |
| Application | Soliton | Zerona | All | All | All | All |
| Application | Soliton | Zerona Plus | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 『EDRプラスパック』および『EDRプラスパックCloud』に同梱しているFFRI yaraiの脆弱性(CVE-2023-39341)|ITセキュリティ対策とリスクの発見を支援 SKYSEA Client View | MISC | www.skyseaclientview.net | |
| JVN#42527152: "FFRI yarai" and "FFRI yarai Home and Business Edition" handle exceptional conditions improperly | MISC | jvn.jp | |
| 「二重の安心 Powered by FFRI yarai」の脆弱性と修正完了に関するお知らせ(2023.08.07)HTMLタイトル|ソースネクスト総合サポート | MISC | www.sourcenext.com | |
| 【重要】製品の脆弱性対応|株式会社FFRIセキュリティ-サイバーセキュリティ、エンドポイントセキュリティ | MISC | www.ffri.jp | |
| ログイン | NEC | MISC | www.support.nec.co.jp | |
| 【重要】Zerona 特定条件下で(マルウェア防御/マルウェア対策)機能が一時停止する脆弱性について | サポート | ソリトンシステムズ | MISC | www.soliton.co.jp | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.