6 matches found
CVE-2022-36344
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed...
CVE-2022-36344
An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed...
CVE-2022-36344
CVE-2022-36344 describes an unquoted search path vulnerability in JustSystems JUST Online Update for J-License, bundled with various corporate products (Ichitaro through Pro5 and others). The root cause is an unquoted file path used to start a secondary program from the Windows service, enabling ...
CVE-2014-2003
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature...
Code injection
JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validate signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature...
CVE-2014-2003
CVE-2014-2003 affects JustSystems products that bundle the JUST Online Update (e.g., Ichitaro) up through 2014. The issue is a flaw in how update-module signatures are validated, allowing a remote attacker to spoof modules and execute arbitrary code via a crafted signature. Root cause: insufficie...