JVNDB-2006-000812

[Japanese]
JVNDB-2006-000812
Hanako buffer overflow vulnerability
Overview
Hanako, graphics authoring software from Justsystems, contains a buffer overflow vulnerability.
CVSS Severity (What is CVSS?)
CVSS V2 Severity: Base Metrics 5.1 (Medium) [IPA Score] Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
Affected Products

JustSystems Corporation Hanako 2004 Hanako 2005 Hanako 2006 Hanako Viewer 1.0

Impact
An arbitrary code could be executed on the PCs of Hanako user, if the user opens a specially crafted Hanako file sent by a remote attacker.
Solution

Vendor Information
JustSystems Corporation JUST SYSTEM : pd6005
CWE (What is CWE?)
Buffer Errors(CWE-119) [NVD Evaluation]
CVE (What is CVE?)
CVE-2006-6400
References
JVN : JVN#47272891 National Vulnerability Database (NVD) : CVE-2006-6400 Secunia Advisory : SA23185 SecurityFocus : 21445 SecurityTracker : 1017336 FrSIRT Advisories : FrSIRT/ADV-2006-4857
Revision History
[2008/05/21] Web page published

Hanako buffer overflow vulnerability