{"api_version":"1","generated_at":"2026-06-24T18:01:59+00:00","cve":"CVE-2006-6400","urls":{"html":"https://cve.report/CVE-2006-6400","api":"https://cve.report/api/cve/CVE-2006-6400.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-6400","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-6400"},"summary":{"title":"CVE-2006-6400","description":"Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-12-10 02:28:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["CWE-119","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"6.8","severity":"","vector":"AV:N/AC:M/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.vupen.com/english/advisories/2006/4857","name":"http://www.vupen.com/english/advisories/2006/4857","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://jvn.jp/jp/JVN%2347272891/index.html","name":"http://jvn.jp/jp/JVN%2347272891/index.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"JVN#47272891: 花子におけるバッファオーバーフローの脆弱性","mime":"text/xml","httpstatus":"200","archivestatus":"404"},{"url":"http://www.justsystem.co.jp/info/pd6005.html","name":"http://www.justsystem.co.jp/info/pd6005.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"「一太郎/花子/三四郎」を安心してお使いいただくために (update: 2006.12.19) | お知らせ | ジャストシステム","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html","name":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"セキュリティ対策のラック｜情報を守るセキュリティ対策のパイオニア","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/21445","name":"http://www.securityfocus.com/bid/21445","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"JustSystems Multiple Products Unspecified Buffer Overflow Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://secunia.com/advisories/23185","name":"http://secunia.com/advisories/23185","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"JustSystems Multiple Products Buffer Overflow Vulnerability - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1017336","name":"http://securitytracker.com/id?1017336","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Hanako File Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://jvn.jp/jp/JVN#47272891/index.html","name":"JVN:JVN#47272891","refsource":"MITRE","tags":[],"title":"","mime":"text/plain","httpstatus":"404","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-6400","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-6400","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"hanako","cpe6":"2004","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"hanako","cpe6":"2005","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"hanako","cpe6":"2006","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"hanako_viewer","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro","cpe6":"2005","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro","cpe6":"2006","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro_lite2","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro_lite2","cpe6":"r2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"ichitaro_viewer","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"6400","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"justsystem","cpe5":"sanshiro","cpe6":"2005","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T20:26:46.375Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"JVN#47272891","tags":["third-party-advisory","x_refsource_JVN","x_transferred"],"url":"http://jvn.jp/jp/JVN%2347272891/index.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.justsystem.co.jp/info/pd6005.html"},{"name":"1017336","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1017336"},{"name":"ADV-2006-4857","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/4857"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"},{"name":"21445","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/21445"},{"name":"23185","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/23185"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-12-05T00:00:00.000Z","descriptions":[{"lang":"en","value":"Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2008-11-11T10:00:00.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"JVN#47272891","tags":["third-party-advisory","x_refsource_JVN"],"url":"http://jvn.jp/jp/JVN%2347272891/index.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.justsystem.co.jp/info/pd6005.html"},{"name":"1017336","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1017336"},{"name":"ADV-2006-4857","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/4857"},{"tags":["x_refsource_MISC"],"url":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"},{"name":"21445","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/21445"},{"name":"23185","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/23185"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-6400","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"JVN#47272891","refsource":"JVN","url":"http://jvn.jp/jp/JVN%2347272891/index.html"},{"name":"http://www.justsystem.co.jp/info/pd6005.html","refsource":"CONFIRM","url":"http://www.justsystem.co.jp/info/pd6005.html"},{"name":"1017336","refsource":"SECTRACK","url":"http://securitytracker.com/id?1017336"},{"name":"ADV-2006-4857","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/4857"},{"name":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html","refsource":"MISC","url":"http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html"},{"name":"21445","refsource":"BID","url":"http://www.securityfocus.com/bid/21445"},{"name":"23185","refsource":"SECUNIA","url":"http://secunia.com/advisories/23185"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-6400","datePublished":"2006-12-10T02:00:00.000Z","dateReserved":"2006-12-09T00:00:00.000Z","dateUpdated":"2024-08-07T20:26:46.375Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-12-10 02:28:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["CWE-119","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":true,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:hanako:2004:*:*:*:*:*:*:*","matchCriteriaId":"D22E31AB-74A8-4D04-8521-DEC6DB3B7066"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:hanako:2005:*:*:*:*:*:*:*","matchCriteriaId":"AE0AD3D7-4820-4C3F-8DF1-2DF8D85AEE2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:hanako:2006:*:*:*:*:*:*:*","matchCriteriaId":"1728BCEE-65F2-4299-B349-62021526E1A3"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:hanako_viewer:1.0:*:*:*:*:*:*:*","matchCriteriaId":"8FF80BE6-E275-4C93-8BA4-26345671E97B"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro:*:*:*:*:*:*:*:*","matchCriteriaId":"BC1ECAAA-9317-420F-B672-6B313C5307AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*","matchCriteriaId":"B4125282-F81C-45E4-B5A3-D5685A859455"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*","matchCriteriaId":"038FB1DB-00F3-4761-A6F4-551360CF7983"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro_lite2:*:*:*:*:*:*:*:*","matchCriteriaId":"52A939CD-2BB7-490A-A6DA-F77DB0412BC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro_lite2:r2:*:*:*:*:*:*:*","matchCriteriaId":"FE065F3B-C67C-483D-AE21-D37AD3E7A10B"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:ichitaro_viewer:4.0:*:*:*:*:*:*:*","matchCriteriaId":"E3CC6690-2E3C-4891-820E-4E51128A1DC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:justsystem:sanshiro:2005:*:*:*:*:*:*:*","matchCriteriaId":"1B362B4E-6D2E-40CB-B297-1F24B4B2CBD6"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"6400","Ordinal":"1","Title":"CVE-2006-6400","CVE":"CVE-2006-6400","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"6400","Ordinal":"1","NoteData":"Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.","Type":"Description","Title":"CVE-2006-6400"},{"CveYear":"2006","CveId":"6400","Ordinal":"2","NoteData":"2006-12-09","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"6400","Ordinal":"3","NoteData":"2008-11-11","Type":"Other","Title":"Modified"}]}}}