Lucene search
JpcertCVELIST:CVE-2022-36344HistoryAug 16, 2022 - 7:03 a.m.
CVE-2022-36344
2022-08-1607:03:05
jpcert
www.cve.org
4
cve-2022-36344
justsystems
online update
ichitaro
pro5
windows service
corporate users
office
atok
hanako
just pdf
shuriken
homepage builder
just school
just smile
just frontier
just jump
tri-de detaprotect
An unquoted search path vulnerability exists in ‘JustSystems JUST Online Update for J-License’ bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect.
CNA Affected
[
{
"product": "JustSystems JUST Online Update for J-License'",
"vendor": "JustSystems Corporation",
"versions": [
{
"status": "affected",
"version": "JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-08-16 08:15:00
cve
cve
CVE-2022-36344
2022-08-16 08:15:09
jvn
jvn
nvd
nvd
CVE-2022-36344
2022-08-16 08:15:09