[Japanese]

JVNDB-2005-000767

WebUD arbitrary program execution vulnerability

Overview

WebUD, a web accessibility support tool, contains a vulnerability in its components that are automatically executed on it, which may allow execution of arbitrary code when a user accesses a malicious website.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 6.8 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: Partial
  • Availability Impact: Partial
Affected Products


FUJITSU
  • WebUD version V01L10

Impact

A remote attacker could execute an arbitrary program, or read or overwrite user's files.
Solution

Vendor Information

FUJITSU
  • FUJITSU Security Information : Security (Japanese)
CWE (What is CWE?)

CVE (What is CVE?)

References

  1. JVN : JVN#A7DA6818
Revision History

  • [2008/05/21]
      Web page published