Multiple JustSystems Products Remote Code Execution Vulnerabilities
BID:53214
Info
Multiple JustSystems Products Remote Code Execution Vulnerabilities
| Bugtraq ID: | 53214 |
| Class: | Unknown |
| CVE: |
CVE-2012-0269 CVE-2012-1242 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 24 2012 12:00AM |
| Updated: | Apr 24 2012 12:00AM |
| Credit: | Tielei Wang of Georgia Tech Information Security Center via Secunia and Naoto Katsumi of LAC Co. |
| Vulnerable: |
JustSystems Shuriken Pro4 JustSystems Shuriken 2010 JustSystems Shuriken 2007 JustSystems oreplug 0 JustSystems JUST School 2010 JustSystems JUST School 2009 JustSystems JUST Jump 4 JustSystems JUST Frontier 0 JustSystems Ichitaro 2011 JustSystems Ichitaro 2010 JustSystems Ichitaro 2009 JustSystems Ichitaro 2008 JustSystems Ichitaro 2007 JustSystems Ichitaro 2006 Justsystem Ichitaro Viewer 2009 19.0.2 .0 Justsystem Ichitaro Viewer 2009 19.0.1 .0 Justsystem Ichitaro viewer 0 |
| Not Vulnerable: | |
Discussion
Multiple JustSystems Products Remote Code Execution Vulnerabilities
Multiple JustSystems Products are prone to remote code-execution vulnerabilities that includes a heap-based buffer overflow issue and an insecure DLL-loading issue.
Attackers can exploit these vulnerabilities to execute arbitrary code in the context of the user running the vulnerable application. Failed exploits will result in denial-of-service conditions.
The following products are affected:
Ichitaro versions 2006 to 2011
Ichitaro Viewer
JUST School versions 2009 and 2010
JUST Jump 4
JUST Frontier
Shuriken versions 2007 to 2010
Shuriken Pro4
oreplug
Multiple JustSystems Products are prone to remote code-execution vulnerabilities that includes a heap-based buffer overflow issue and an insecure DLL-loading issue.
Attackers can exploit these vulnerabilities to execute arbitrary code in the context of the user running the vulnerable application. Failed exploits will result in denial-of-service conditions.
The following products are affected:
Ichitaro versions 2006 to 2011
Ichitaro Viewer
JUST School versions 2009 and 2010
JUST Jump 4
JUST Frontier
Shuriken versions 2007 to 2010
Shuriken Pro4
oreplug
Exploit / POC
Multiple JustSystems Products Remote Code Execution Vulnerabilities
Currently we are not aware of any working exploits for buffer-overflow issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
For the insecure DLL-loading issue, a general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project; please see the references for more information.
Currently we are not aware of any working exploits for buffer-overflow issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
For the insecure DLL-loading issue, a general exploit technique has been documented by TheLeader and H.D. Moore for the Metasploit Project; please see the references for more information.
Solution / Fix
Multiple JustSystems Products Remote Code Execution Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Multiple JustSystems Products Remote Code Execution Vulnerabilities
References:
References:
- Application DLL Load Hijacking (HD Moore)
- Exploiting DLL Hijacking Flaws (hdm)
- Justsystems Products Web Site (Justsystems)
- Microsoft Security Advisory 2269637 Released (Microsoft)
- More information about the DLL Preloading remote attack vector (Microsoft)
- JS12001 (Justsystems)
- Microsoft Security Advisory (2269637) (Microsoft)
- Multiple JustSystems products may insecurely load dynamic libraries (Justsystems)
- Multiple JustSystems products vulnerable to buffer overflow (JPCERT)