[Japanese]
|
JVNDB-2012-000034
|
Multiple JustSystems products may insecurely load dynamic libraries
|
Multiple JustSystems products may use unsafe methods for determining how to load DLL's.
Multiple JustSystems products contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.
Naoto Katsumi of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
|
CVSS V2 Severity: Base Metrics 6.8 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Medium
- Authentication: None
- Confidentiality Impact: Partial
- Integrity Impact: Partial
- Availability Impact: Partial
|
|
JustSystems Corporation
- Just Jump 4
- Just School 2010
- Just School 2009
- Just School
- Just Frontier
- Ichitaro 2011
- Ichitaro 2010
- Ichitaro 2009
- Ichitaro 2008
- Ichitaro 2007
- Ichitaro 2006
- Ichitaro 2011 Sou
- Ichitaro Government 2010
- Ichitaro Government 2009
- Ichitaro Government 2008
- Ichitaro Government 2007
- Ichitaro Government 2006
- Ichitaro Viewer
- Ichitaro Portable with oreplug
- oreplug
|
|
Arbitrary code may be executed with the privileges of the running application.
|
[Update the software]
Apply the appropriate update according to the information provided by the developer.
|
JustSystems Corporation
|
- No Mapping(CWE-Other) [IPA Evaluation]
|
- CVE-2012-1242
|
- JVN : JVN#95378720
- National Vulnerability Database (NVD) : CVE-2012-1242
|
- [2012/04/24]
Web page was published
|