JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
BID:26206
Info
JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
| Bugtraq ID: | 26206 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-5687 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 25 2007 12:00AM |
| Updated: | May 07 2015 05:34PM |
| Credit: | Hiroshi Ukai discovered these issues. |
| Vulnerable: |
JustSystems Ichitaro 2007 JustSystems Ichitaro 2006 JustSystems Ichitaro 2005 JustSystems Ichitaro 2004 JustSystems Ichitaro 13 JustSystems Ichitaro 12 JustSystems Ichitaro 11 Justsystem Ichitaro viewer 0 Justsystem Ichitaro Punch 0 Justsystem Ichitaro Lite2 0 Justsystem Ichitaro for Linux 0 |
| Not Vulnerable: | |
Discussion
JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
JustSystem Ichitaro is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.
These issues affect these versions:
Ichitaro 11, 12, 13, 2004, 2005, 2006, 2007
Ichitaro for Linux
Ichitaro Lite2
Punch
Ichitaro viewer
Other versions may also be affected.
JustSystem Ichitaro is prone to multiple unspecified buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data before copying it to insufficiently sized buffers.
Successful exploits may allow attackers to execute arbitrary code in the context of a vulnerable application; failed attempts will likely cause denial-of-service conditions.
These issues affect these versions:
Ichitaro 11, 12, 13, 2004, 2005, 2006, 2007
Ichitaro for Linux
Ichitaro Lite2
Punch
Ichitaro viewer
Other versions may also be affected.
Exploit / POC
JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
Solution:
The vendor has released updates to address these issues. Please see the references for more information.
Solution:
The vendor has released updates to address these issues. Please see the references for more information.
References
JustSystem Ichitaro JSTARO4.OCX and TJSVDA.DLL Multiple Buffer Overflow Vulnerabilities
References:
References:
- Ichitaro Advisory (JustSystem)
- Ichitaro Home Page (JustSystems)