9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.073 Low
EPSS
Percentile
94.1%
ChaSen provided by Nara Institute of Science and Technology is a software for morphologically analyzing Japanese. ChaSen contains an issue when reading in strings, which may lead to a buffer overflow.
ChaSen legacy project has inherited development of ChaSen since 11/8/2011.
An arbitrary script may be executed by an attacker with access to a system that is running a product listed in “Products Affected.”
Apply a patch
Apply a patch according to the information provided by ChaSen legacy project.
ChaSen version 2.4.4 and earlier
ChaSen version 2.3.3 and earlier
Products that use the above versions of ChaSen are vulnerable.