7.5
CVE-2006-4326
- EPSS 7.67%
- Veröffentlicht 24.08.2006 01:04:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginStack-based buffer overflow in Justsystem Ichitaro 9.x through 13.x, Ichitaro 2004, 2005, 2006, and Government 2006; Ichitaro for Linux; and FormLiner before 20060818 allows remote attackers to execute arbitrary code via long Unicode strings in a crafted document, as being actively exploited by malware such as Trojan.Tarodrop. NOTE: some details are obtained from third party information.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Justsystem ≫ Ichitaro Version9.0
Justsystem ≫ Ichitaro Version10.0
Justsystem ≫ Ichitaro Version11.0
Justsystem ≫ Ichitaro Version12.0
Justsystem ≫ Ichitaro Version13.0
Justsystem ≫ Ichitaro Version2004
Justsystem ≫ Ichitaro Version2005
Justsystem ≫ Ichitaro Version2006
Justsystem ≫ Ichitaro Government Version2006
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 7.67% | 0.911 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.