JVN#39594409: DMM Movie Player App fails to verify SSL server certificates
DMM Movie Player App provided by DMM.com Labo Co.,Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Application Update to the latest version according to the information provided by...
JVN#45034304: Multiple Hikari Denwa routers vulnerable to cross-site request forgery
Multiple Hikari Denwa routers contain a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Firmware Apply the appropriate firmware update provided by the developer. Products Affecte...
WordPress plugin "Welcart e-Commerce" vulnerable to session management
Overview WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a vulnerability in session management. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Overview WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN95082904. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with t...
WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
Overview WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability CWE-79. Note that this vulnerability is different from JVN55826471. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with t...
WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection
Overview WordPress plugin "Welcart e-Commerce" contains a PHP object injection vulnerability due to a flaw where untrusted POST values are unserialized. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
JVN#55826471: WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the develope...
JVN#47363774: WordPress plugin "Welcart e-Commerce" vulnerable to PHP object injection
WordPress plugin "Welcart e-Commerce" contains a PHP object injection vulnerability due to a flaw where untrusted POST values are unserialized. Impact A remote attacker may execute arbitrary PHP code. Solution Update the Software Update to the latest version according to the information provided ...
JVN#95082904: WordPress plugin "Welcart e-Commerce" vulnerable to cross-site scripting
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the develope...
JVN#61578437: WordPress plugin "Welcart e-Commerce" vulnerable to session management
WordPress plugin "Welcart e-Commerce" provided by Collne Inc. contains a vulnerability in session management. Impact A remote attacker who knows a user's e-mail address may log in with the user privilege. As a result, arbitrary operations may be conducted. Solution Update the Software Update to t...
CG-WLR300GNV Series does not limit authentication attempts
Overview CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Takeshi Okamoto of Kanagawa Institute of Technology and Takaaki Minegish...
CG-WLBARAGM vulnerable to denial-of-service (DoS)
Overview CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains a denial-of-service DoS vulnerability. Yuji Ukai of FFRI, Inc reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An...
CG-WLBARGL vulnerable to command injection
Overview CG-WLBARGL provided by Corega Inc is a wireless LAN router. CG-WLBARGL contains a command injection vulnerability. Ohji Kashiwazaki of Global Security Experts Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#76653039: CG-WLBARGL vulnerable to command injection
CG-WLBARGL provided by Corega Inc is a wireless LAN router. CG-WLBARGL contains a command injection vulnerability. Impact An arbitrary command may be executed by an authenticated attacker. Solution Do not use CG-WLBARGL As of Jun 22nd, 2016, there are no practical solutions to this issue. It is...
JVN#24409899: CG-WLBARAGM vulnerable to denial-of-service (DoS)
CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains a denial-of-service DoS vulnerability. Impact An unauthenticated remote attacker may cause the product to reboot. Solution Apply a Workaround The following workarounds may mitigate the effects of this vulnerability...
JVN#75028871: CG-WLR300GNV Series does not limit authentication attempts
CG-WLR300GNV and CG-WLR300GNV-W provided by Corega Inc are wireless LAN routers. The WPS functionality in CG-WLR300GNV Series does not limit PIN authentication attempts, making it susceptible to brute force attacks. Impact An unauthenticated attacker within wireless range of the device may perfor...
Apache Struts vulnerable to input validation bypass
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain an input validation bypass vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc...
Apache Struts vulnerable to validation bypass in Getter method
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a validation bypass in Getter method vulnerability. JPCERT/CC Addendum Update: August 25, 2016...
Apache Struts vulnerable to cross-site request forgery
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a cross-site request forgery vulnerability. Takeshi Terada of Mitsui Bussan Secure Directions, Inc...
Apache Struts vulnerable to denial-of-service (DoS)
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a denial-of-service DoS vulnerability due to an issue in URLValidator. ASAI Ken reported this...
Apache Struts vulnerable to remote code execution
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Web applications that are developed using Apache Struts 2 REST Plugin contain a remote code execution vulnerability. Note that the exploit code for this vulnerability is...
JVN#45093481: Multiple vulnerabilities in Apache Struts 2
Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain multiple vulnerabilities listed below. Cross-site request forgery S2-038 - CVE-2016-4430 Version| Vector|...
JVN#07710476: Apache Struts 2 vulnerable to remote code execution
Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating Java web applications. Web applications that are developed using Apache Struts 2 REST Plugin contain a remote code execution vulnerability. Note that the exploit code for this vulnerability is publicly...
JVN#12352818: Apache Struts 2 vulnerable to denial-of-service (DoS)
Apache Struts 2 provided by the Apache Software Foundation is a software framework for creating web applications in Java. Web applications that are developed using Apache Struts 2 contain a denial-of-service DoS vulnerability due to an issue in URLValidator. Impact An unauthenticated remote...
Deep Discovery Inspector vulnerable to remote code execution
Overview Deep Discovery Inspector provided by Trend Micro Incorporated contains a remote code execution vulnerability. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Trend Micro Incorporated coordinated under the...
JVN#55428526: Deep Discovery Inspector vulnerable to remote code execution
Deep Discovery Inspector provided by Trend Micro Incorporated contains a remote code execution vulnerability. Impact An attacker who can access the product as an administrator may execute arbitrary code with the root privilege. Solution For Deep Discovery Inspector 3.5 and later: Apply the patch...
ETX-R vulnerable to denial-of-service (DoS)
Overview ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a denial-of-service DoS vulnerability. Junichi MURAKAMI of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
ETX-R vulnerable to cross-site request forgery
Overview ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a cross-site request forgery vulnerability CWE-352. Junichi MURAKAMI of FFRI, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#96052093: ETX-R vulnerable to denial-of-service (DoS)
ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a denial-of-service DoS vulnerability. Impact A remote unauthenticated attacker may cause the web server on the product to be terminated abnormally. Solution Apply a Workaround The following workarounds may mitigate the...
JVN#61317238: ETX-R vulnerable to cross-site request forgery
ETX-R provided by I-O DATA DEVICE, INC. is a wired LAN router. ETX-R contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Apply a Workaround The following workarounds may mitigate the...
DX Library vulnerable to remote code execution
Overview DX Library is an open source library for creating Windows applications. DX Library contains a remote code execution vulnerability due to an issue in printfDx. Tomoya Kitagawa of Graduate School of Information Science, Nara Institute of Science and Technology reported this vulnerability t...
JVN#15205734: DX Library vulnerable to remote code execution
DX Library is an open source library for creating Windows applications. DX Library contains a remote code execution vulnerability due to an issue in printfDx. Impact When processing a specially crafted string, an application built using DX Library may allow arbitrary code to be executed. Solution...
TERASOLUNA Server Framework for Java(WEB) access restriction bypass vulnerability in the file extension filter
Overview The TERASOLUNA Server Framework for Java(WEB) provided by NTT Data Corporation is a software framework for creating web applications. The TERASOLUNA Server Framework for Java(WEB) has a function to restrict access to contents with specified file extensions from browser requests. This functio...
Apache Struts 1 vulnerable to input validation bypass
Overview The Apache Struts 1 Validator contains a vulnerability where input validation configurations (validation rules, error messages, etc.) may be modified. This occurs when the following ActionForm including its subclasses are in the session scope. ValidatorForm ValidatorActionForm Impact Effec...
Apache Struts 1 vulnerability that allows unintended remote operations against components on memory
Overview The Apache Struts 1 ActionForm contains a vulnerability which allows unintended remote operations against components on server memory, such as Servlets and ClassLoader, when the following 2 conditions are met: Condition 1: When the following ActionForm including its subclasses are in the...
JVN#03188560: Apache Struts 1 vulnerability that allows unintended remote operations against components on memory
The Apache Struts 1 ActionForm contains a vulnerability which allows unintended remote operations against components on server memory, such as Servlets and ClassLoader, when the following 2 conditions are met: Condition 1: When the following ActionForm including its subclasses are in the session...
JVN#65044642: Apache Struts 1 vulnerable to input validation bypass
The Apache Struts 1 Validator contains a vulnerability where input validation configurations (validation rules, error messages, etc.) may be modified. This occurs when the following ActionForm including its subclasses are in the session scope. ValidatorForm ValidatorActionForm Impact Effects vary...
JVN#74659077: TERASOLUNA Server Framework for Java(WEB) access restriction bypass vulnerability in the file extension filter
The TERASOLUNA Server Framework for Java(WEB) provided by NTT Data Corporation is a software framework for creating web applications. The TERASOLUNA Server Framework for Java(WEB) has a function to restrict access to contents with specified file extensions from browser requests. This function may be...
Trend Micro enterprise products HTTP header injection vulnerability
Overview Multiple enterprise products provided by Trend Micro Incorporated contain an HTTP header injection vulnerability. According to the developer, exploiting the vulnerability requires access to the LAN environment of the user. Trend Micro Incorporated reported this vulnerability to JPCERT/CC ...
Trend Micro Internet Security vulnerable to arbitrary script execution
Overview Trend Micro Internet Security provided by Trend Micro Incorporated contains a vulnerability that may allow arbitrary script execution. According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used. Trend Micro...
Trend Micro enterprise products directory traversal vulnerability
Overview Multiple enterprise products provided by Trend Micro Incorporated contain a directory traversal vulnerability. According to the developer, exploiting the vulnerability requires access to the LAN environment of the user. Trend Micro Incorporated reported this vulnerability to JPCERT/CC to...
Trend Micro Internet Security access restriction flaw
Overview Trend Micro Internet Security provided by Trend Micro Incorporated contains an access restriction flaw. According to the developer, attempts to exploit the vulnerability will not succeed from external networks when the default settings are used. Trend Micro Incorporated reported this...
JVN#48789425: Trend Micro Internet Security multiple vulnerabilities
Trend Micro Internet Security provided by Trend Micro Incorporated contains the following vulnerabilities. Access Restriction Flaw - CVE-2016-1225 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 5.3 CVSS v2| AV:N/AC:L/Au:N/C:P/I:N/A:N| Base...
JVN#48847535: Trend Micro enterprise products multiple vulnerabilities
Multiple enterprise products provided by Trend Micro Incorporated contain the following vulnerabilities. Directory Traversal - CVE-2016-1223 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N| Base Score: 4.3 CVSS v2| AV:A/AC:L/Au:N/C:P/I:N/A:N| Base Score:...
Cybozu Garoon logging function vulnerable to directory traversal
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains a directory traversal vulnerability in the logging function. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated under the Information Security Early...
Cybozu Garoon function "MultiReport" vulnerable to access restriction bypass
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability in the function "MultiReport". Yuji Tounai of NTT Com Security Japan KK reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported it to JPCERT/CC to notify users of its solution...
Cybozu Garoon function "Portlets" vulnerable to access restriction bypass
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains an access restriction bypass vulnerability in the function "Portlets". Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact A user may create a portlet which does not belong to any...
Cybozu Garoon fails to restrict access permissions
Overview Cybozu Garoon is a groupware. Cybozu Garoon fails to restrict access permissions in the mail function. Note that this vulnerability is different from JVN33879831. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc...
Cybozu Garoon vulnerable to cross-site scripting
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN37121456. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated...
Cybozu Garoon vulnerable to cross-site scripting
Overview Cybozu Garoon is a groupware. Cybozu Garoon contains a cross-site scripting vulnerability. Note that this vulnerability is different from JVN49285177. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to Cybozu, Inc., and Cybozu, Inc. reported this...