Lucene search

[email protected]NVD:CVE-2014-2003

HistoryJun 16, 2014 - 2:55 p.m.

CVE-2014-2003

2014-06-1614:55:05

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature.

Affected configurations

Nvd

Node

justsystemsichitaroRange≤2014

justsystemsichitaroMatch10

justsystemsichitaroMatch11

justsystemsichitaroMatch12

justsystemsichitaroMatch13

justsystemsichitaroMatch2004

justsystemsichitaroMatch2005

justsystemsichitaroMatch2006

justsystemsichitaroMatch2006-government

justsystemsichitaroMatch2007

justsystemsichitaroMatch2007-government

justsystemsichitaroMatch2008

justsystemsichitaroMatch2008-government

justsystemsichitaroMatch2009

justsystemsichitaroMatch2009-government

justsystemsichitaroMatch2009-trial

justsystemsichitaroMatch2010

justsystemsichitaroMatch2010-government

justsystemsichitaroMatch2011

justsystemsichitaroMatch2011-sou

justsystemsichitaroMatch2012-shou

justsystemsichitaroMatch2013-gen

justsystemsichitaroMatch2013-gen_trial

justsystemsjust_online_updateMatch-

VendorProductVersionCPE
justsystemsichitaro*cpe:2.3:a:justsystems:ichitaro:*:*:*:*:*:*:*:*
justsystemsichitaro10cpe:2.3:a:justsystems:ichitaro:10:*:*:*:*:*:*:*
justsystemsichitaro11cpe:2.3:a:justsystems:ichitaro:11:*:*:*:*:*:*:*
justsystemsichitaro12cpe:2.3:a:justsystems:ichitaro:12:*:*:*:*:*:*:*
justsystemsichitaro13cpe:2.3:a:justsystems:ichitaro:13:*:*:*:*:*:*:*
justsystemsichitaro2004cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*
justsystemsichitaro2005cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*
justsystemsichitaro2006cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*
justsystemsichitaro2006cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*
justsystemsichitaro2007cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
justsystems	ichitaro	*	cpe:2.3:a:justsystems:ichitaro::::::::
justsystems	ichitaro	10	cpe:2.3:a:justsystems:ichitaro:10:::::::*
justsystems	ichitaro	11	cpe:2.3:a:justsystems:ichitaro:11:::::::*
justsystems	ichitaro	12	cpe:2.3:a:justsystems:ichitaro:12:::::::*
justsystems	ichitaro	13	cpe:2.3:a:justsystems:ichitaro:13:::::::*
justsystems	ichitaro	2004	cpe:2.3:a:justsystems:ichitaro:2004:::::::*
justsystems	ichitaro	2005	cpe:2.3:a:justsystems:ichitaro:2005:::::::*
justsystems	ichitaro	2006	cpe:2.3:a:justsystems:ichitaro:2006:::::::*
justsystems	ichitaro	2006	cpe:2.3:a:justsystems:ichitaro:2006:-:government:::::*
justsystems	ichitaro	2007	cpe:2.3:a:justsystems:ichitaro:2007:::::::*

Rows per page:

1-10 of 241

References

jvn.jp/en/jp/JVN50129191/index.html

jvndb.jvn.jp/jvndb/JVNDB-2014-000053

www.ipa.go.jp/security/ciadr/vul/20140611-jvn.html

www.justsystems.com/jp/info/js14002.html

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

High

EPSS

0.035

Percentile

91.6%

JSON

Related for NVD:CVE-2014-2003

cvelist1 prion1 jvn1 cve1