Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
jvnJapan Vulnerability NotesJVN:16901583
HistoryNov 08, 2011 - 12:00 a.m.

JVN#16901583: ChaSen vulnerable to buffer overflow

2011-11-0800:00:00
Japan Vulnerability Notes
jvn.jp
11

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

94.1%

JSON

ChaSen provided by Nara Institute of Science and Technology is a software for morphologically analyzing Japanese. ChaSen contains an issue when reading in strings, which may lead to a buffer overflow.

ChaSen legacy project has inherited development of ChaSen since 11/8/2011.

Impact

An arbitrary script may be executed by an attacker with access to a system that is running a product listed in “Products Affected.”

Solution

Apply a patch
Apply a patch according to the information provided by ChaSen legacy project.

Products Affected

  • ChaSen version 2.4.4 and earlier

  • ChaSen version 2.3.3 and earlier

Products that use the above versions of ChaSen are vulnerable.

Related

prion 1
cvelist 1
nessus 6
openvas 8
ubuntucve 1
debiancve 1
securityvulns 2
freebsd 1
debian 1
osv 1
gentoo 1
nvd 1
cve 1
prion
prion
Buffer overflow
2011-11-08 22:55:00
cvelist
cvelist
CVE-2011-4000
2011-11-08 22:00:00
nessus
nessus
openSUSE Security Update : chasen (openSUSE-SU-2012:0026-1)
2014-06-13 00:00:00
GLSA-201207-03 : ChaSen: User-assisted execution of arbitrary code
2012-07-10 00:00:00
Debian DSA-2361-1 : chasen - buffer overflow
2012-01-12 00:00:00
openvas
openvas
ChaSen Buffer Overflow Vulnerability - Windows
2011-11-09 00:00:00
ChaSen Buffer Overflow Vulnerability - Linux
2011-11-11 00:00:00
ChaSen Buffer Overflow Vulnerability (Windows)
2011-11-09 00:00:00
ubuntucve
ubuntucve
CVE-2011-4000
2011-11-08 00:00:00
debiancve
debiancve
CVE-2011-4000
2011-11-08 22:55:01
securityvulns
securityvulns
chasen library buffer overflow
2011-12-11 00:00:00
[SECURITY] [DSA 2361-1] chasen security update
2011-12-11 00:00:00
freebsd
freebsd
ChaSen -- buffer overflow
2011-11-08 00:00:00
debian
debian
[SECURITY] [DSA 2361-1] chasen security update
2011-12-07 20:51:29
osv
osv
chasen - buffer overflow
2011-12-07 00:00:00
gentoo
gentoo
ChaSen: User-assisted execution of arbitrary code
2012-07-09 00:00:00
nvd
nvd
CVE-2011-4000
2011-11-08 22:55:01
cve
cve
CVE-2011-4000
2011-11-08 22:55:01

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.073 Low

EPSS

Percentile

94.1%

JSON
Related for JVN:16901583
prion1cvelist1nessus6openvas8ubuntucve1debiancve1securityvulns2freebsd1debian1osv1gentoo1nvd1cve1