CVE-2017-10870
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.5%
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| justsystem | formliner | 2018 | cpe:2.3:a:justsystem:formliner:2018:*:*:*:*:*:*:* |
| justsystem | formliner | 2017 | cpe:2.3:a:justsystem:formliner:2017:*:*:*:*:*:*:* |
| justsystem | formliner | 2016 | cpe:2.3:a:justsystem:formliner:2016:*:*:*:*:*:*:* |
| justsystem | ichitaro | 2017 | cpe:2.3:a:justsystem:ichitaro:2017:*:*:*:*:*:*:* |
| justsystem | ichitaro | 2016 | cpe:2.3:a:justsystem:ichitaro:2016:*:*:*:*:*:*:* |
| justsystem | ichitaro | 2015 | cpe:2.3:a:justsystem:ichitaro:2015:*:*:*:*:*:*:* |
| justsystem | ichitaro | 2011 | cpe:2.3:a:justsystem:ichitaro:2011:*:*:*:*:*:*:* |
| justsystem | ichitaro | 8 | cpe:2.3:a:justsystem:ichitaro:8:*:*:*:*:*:*:* |
| justsystem | ichitaro | 7 | cpe:2.3:a:justsystem:ichitaro:7:*:*:*:*:*:*:* |
| justsystem | ichitaro | 6 | cpe:2.3:a:justsystem:ichitaro:6:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Rakuraku Hagaki",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Rakuraku Hagaki 2018"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2017"
},
{
"status": "affected",
"version": "Rakuraku Hagaki 2016"
}
]
},
{
"product": "Rakuraku Hagaki Select for Ichitaro",
"vendor": "Justsystem",
"versions": [
{
"status": "affected",
"version": "Ichitaro 2017"
},
{
"status": "affected",
"version": "Ichitaro 2016"
},
{
"status": "affected",
"version": "Ichitaro 2015"
},
{
"status": "affected",
"version": "Ichitaro Pro3"
},
{
"status": "affected",
"version": "Ichitaro Pro2"
},
{
"status": "affected",
"version": "Ichitaro Pro"
},
{
"status": "affected",
"version": "Ichitaro 2011"
},
{
"status": "affected",
"version": "Ichitaro Government 8"
},
{
"status": "affected",
"version": "Ichitaro Government 7"
},
{
"status": "affected",
"version": "Ichitaro Government 6"
},
{
"status": "affected",
"version": "Ichitaro 2017 Trial version"
}
]
}
]Related
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
44.5%