CVE-2006-4326

Published Aug 24, 2006

Last updated 7 years ago

Overview

Description: Stack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:justsystem:formliner:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1271BA13-118F-45C5-ADCD-845AF16727D0"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "042BB9E2-6536-4BA0-804C-530EF548E387"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44D0935F-D5F8-4D95-A483-036660B498F7"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69A39F16-968A-48E9-907F-36133B6775D9"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDC262B5-28BE-4EC6-89CC-B013A15CB10C"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72EFC88E-B6D1-4B8A-ADDD-5B2EF6523FEC"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:2004:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF08B2B3-8387-4A91-8866-4C9555901D0C"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:2005:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4125282-F81C-45E4-B5A3-D5685A859455"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro:2006:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "038FB1DB-00F3-4761-A6F4-551360CF7983"
          },
          {
            "criteria": "cpe:2.3:a:justsystem:ichitaro_government:2006:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "957BEBB5-8DAD-427A-936D-6AB1362B33AC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References