JVN#54686544: HOME SPOT CUBE multiple vulnerabilities
HOME SPOT CUBE provided by KDDI CORPORATION is a wireless LAN router. HOME SPOT CUBE contains multiple vulnerabilities listed below. Cross-site scripting - CVE-2016-1136

| Version | Vector | Score |
|---|---|---|
| CVSS v3 | CVSS:3.0/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | Base Score: 4.3 |
| CVSS v2 | ... |
Multiple Buffalo network devices vulnerable to cross-site scripting
Overview Multiple network devices provided by BUFFALO INC. contain a cross-site scripting vulnerability. Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...
Multiple Buffalo network devices vulnerable to cross-site request forgery
Overview Multiple network devices provided by BUFFALO INC. contain a cross-site request forgery vulnerability (CWE-352). Satoshi Ogawa of Mitsui Bussan Secure Directions, Inc. and Masashi Sakai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#49225722: Multiple Buffalo network devices vulnerable to cross-site scripting
Multiple network devices provided by BUFFALO INC. contain a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the logged-in user's web browser. Solution Update the firmware Update the firmware according to the information provided by the developer. Products Affecte...
JVN#09268287: Multiple Buffalo network devices vulnerable to cross-site request forgery
Multiple network devices provided by BUFFALO INC. contain a cross-site request forgery vulnerability (CWE-352). Impact If a user views a malicious page while logged in, unintended operations may be conducted. Solution Update the firmware Update the firmware according to the information provided by...
Shoplat App for iOS issue in the verification of SSL certificates
Overview Shoplat App for iOS provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. ma.la reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A connection to a server using a...
JVN#47951769: Shoplat App for iOS issue in the verification of SSL certificates
Shoplat App for iOS provided by NTT DOCOMO contains an issue in the verification of the SSL server certificate. Impact A connection to a server using an invalid SSL server certificate can be established without a warning. As a result, the user may not notice that a remote attacker is interceptin...
H2O vulnerable to HTTP header injection
Overview H2O is open source web server software. H2O contains an HTTP header injection vulnerability. Kazuho Oku reported this vulnerability to IPA to notify users of its solution through JVN. JPCERT/CC and Kazuho Oku coordinated under the Information Security Early Warning Partnership. Impact...
acmailer vulnerable to OS command injection
Overview acmailer provided by Seeds Co.,Ltd. contains an OS command injection vulnerability (CWE-78). Kazuhiro Shibuta of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
JVN#45928828: H2O vulnerable to HTTP header injection
H2O is open source web server software. H2O contains an HTTP header injection vulnerability. Impact An HTTP response splitting attack may result in arbitrary cookie values. Solution Update the Software Update to the latest version according to the information provided by the developer. Product...
JVN#50899877: acmailer vulnerable to OS command injection
acmailer provided by Seeds Co.,Ltd. contains an OS command injection vulnerability (CWE-78). Impact An authenticated attacker may execute an arbitrary OS command on the server. Solution Update the software Update to the latest version according to the information provided by the developer. Products...
DX Library vulnerable to buffer overflow
Overview DX Library is an open source library for creating Windows applications. DX Library contains a buffer overflow vulnerability due to a flaw in the processing performed by the inner function CLvsprintf. Tomoya Kitagawa reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#49476817: DX Library vulnerable to buffer overflow
DX Library is an open source library for creating Windows applications. DX Library contains a buffer overflow vulnerability due to a flaw in the processing performed by the inner function CLvsprintf. Impact When processing a specially crafted string, an application built using DX Library may allow an arbitrary code...
Cross-site Scripting Vulnerability in uCosminexus Portal Framework and Groupmax Collaboration
Overview A cross-site scripting vulnerability was found in uCosminexus Portal Framework and Groupmax Collaboration. Impact Remote users can exploit a cross-site scripting vulnerability to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official...
CG-WLBARAGM may behave as an open proxy
Overview CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains an issue where it may behave as an open proxy. Akihiro Nakajima of NTT Communications reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CG-WLNCM4G may behave as an open resolver
Overview CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. SASABE Tetsuro of The University of Tokyo reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
CG-WLBARGS does not properly perform authentication
Overview CG-WLBARGS provided by Corega Inc is a wireless LAN router. CG-WLBARGS does not properly perform authentication. Kousuke Kawahira of DWANGO Co.,Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A...
JVN#51349622: CG-WLBARGS does not properly perform authentication
CG-WLBARGS provided by Corega Inc is a wireless LAN router. CG-WLBARGS does not properly perform authentication. Impact An attacker who can access the product may log in with administrative privileges. As a result, arbitrary administrative operations may be executed. Solution Apply a Workaroun...
JVN#50775659: CG-WLBARAGM may behave as an open proxy
CG-WLBARAGM provided by Corega Inc is a wireless LAN router. CG-WLBARAGM contains an issue where it may behave as an open proxy. Impact The device may be leveraged as a proxy server to conduct cyber attacks. Solution Apply a Workaround The following workaround may mitigate the effects of this...
JVN#51250073: CG-WLNCM4G may behave as an open resolver
CG-WLNCM4G provided by Corega Inc is a network camera. CG-WLNCM4G contains an issue where it may behave as an open resolver. Impact The device may be leveraged for use in a DNS amplification attack and unknowingly become a part of a DDoS attack. Solution Do not use CG-WLNCM4G As of December 25,...
Vulnerability in JP1/Automatic Job Management System 3
Overview A denial-of-service vulnerability was found in JP1/Automatic Job Management System 3. Impact Attackers can exploit this vulnerability to cause a denial of service by repeatedly sending malicious messages from a hostile host on the network. Solution Please refer to...
Multiple Cross-site Scripting Vulnerabilities in EUR
Overview Multiple cross-site scripting vulnerabilities were found in EUR. Impact Remote users can exploit these vulnerabilities to execute malicious scripts. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
Welcart vulnerable to SQL injection
Overview Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability (CWE-89) due to a flaw in the processing of the searchcolumn and switch parameters in admin.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
Adobe Flash Player issue where iframe contents may be overwritten
Overview Adobe Flash Player contains an issue where the same-origin policy may be bypassed leading to iframe contents being overwritten. Tokuji Akamine reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact...
WinRAR may insecurely load executable files
Overview WinRAR contains a function where user-specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user-specified file. WinRAR also...
JVN#22533124: Adobe Flash Player issue where iframe contents may be overwritten
Adobe Flash Player contains an issue where the same-origin policy may be bypassed leading to iframe contents being overwritten. Impact Processing specially crafted Flash content may lead to iframe contents being overwritten. Solution Apply an Update Update to the latest version according to the...
JVN#64636058: WinRAR may insecurely load executable files
WinRAR contains a function where user-specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user-specified file. WinRAR also contains a...
JVN#43344629: Welcart vulnerable to SQL injection
Welcart provided by Collne Inc. is a WordPress plugin. Welcart contains an SQL injection vulnerability (CWE-89) due to a flaw in the processing of the searchcolumn and switch parameters in admin.php. Impact An unauthenticated attacker may obtain or alter information stored in the database. Solution Appl...
Zend Framework vulnerable to SQL injection
Overview Zend Framework is an open source web application framework. Zend Framework contains an SQL injection vulnerability (CWE-89) due to a flaw in handling the argument of the ORDER BY clause. Hiroshi Tokumaru of HASH Consulting Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...
JVN#71730320: Zend Framework vulnerable to SQL injection
Zend Framework is an open source web application framework. Zend Framework contains an SQL injection vulnerability (CWE-89) due to a flaw in handling the argument of the ORDER BY clause. Impact An attacker who can access the product may execute SQL commands. Solution Update the Software Update to the latest version...
WL-330NUL vulnerable to cross-site scripting
Overview WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a stored cross-site scripting vulnerability. TAIZO TSUKAMOTO of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
WL-330NUL vulnerable to denial-of-service (DoS)
Overview WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a denial-of-service (DoS) vulnerability. TAIZO TSUKAMOTO of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
WL-330NUL vulnerable to remote command execution
Overview WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a remote command execution vulnerability. TAIZO TSUKAMOTO of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
WL-330NUL information management vulnerability
Overview WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains an issue in information management. TAIZO TSUKAMOTO of GLOBAL SECURITY EXPERTS Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#69462495: WL-330NUL information management vulnerability
WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains an issue in information management. Impact An attacker who can access the product may obtain the WPA2-PSK passphrase. Solution Update the Firmware Update the firmware to the latest version according to th...
JVN#34489380: WL-330NUL vulnerable to remote command execution
WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a remote command execution vulnerability. Impact An attacker who can access the product may execute an arbitrary command with administrative privileges. Solution Update the Firmware Update the firmware to...
JVN#89965717: WL-330NUL vulnerable to cross-site scripting
WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a stored cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Firmware Update the firmware to the latest version according to the...
JVN#85359294: WL-330NUL vulnerable to denial-of-service (DoS)
WL-330NUL provided by ASUS Japan Inc. is a portable wireless LAN router. WL-330NUL contains a denial-of-service (DoS) vulnerability. Impact An attacker who can access the product may be able to cause a denial of service (DoS). Solution Update the Firmware Update the firmware to the latest version...
Web Analytics Service vulnerable to cross-site scripting
Overview The JavaScript module for using Web Analytics Service, which was provided by NTT DATA Smart Sourcing Corporation, contains a cross-site scripting vulnerability (CWE-79) due to a flaw in the escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July...
GANMA! App for iOS fails to verify SSL server certificates
Overview GANMA! App for iOS provided by COMICSMART INC. fails to verify SSL server certificates. Yuji Tounai reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow an attacker t...
JVN#70083512: Web Analytics Service vulnerable to cross-site scripting
The JavaScript module for using Web Analytics Service, which was provided by NTT DATA Smart Sourcing Corporation, contains a cross-site scripting vulnerability (CWE-79) due to a flaw in the escaping process. According to the developer, this script was distributed from 26 November, 2003 to 9 July, 2013...
JVN#44541100: GANMA! App for iOS fails to verify SSL server certificates
GANMA! App for iOS provided by COMICSMART INC. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided by the...
EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection
Overview BbAdminViewsControl from BOKUBLOCK CO., LTD. is an EC-CUBE plugin. BbAdminViewsControl contains an SQL injection vulnerability (CWE-89). Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JVN#55545372: EC-CUBE plugin BbAdminViewsControl vulnerable to SQL injection
BbAdminViewsControl from BOKUBLOCK CO., LTD. is an EC-CUBE plugin. BbAdminViewsControl contains an SQL injection vulnerability (CWE-89). Impact A logged-in attacker may execute SQL statements. According to the developer, this vulnerability affects the availability of the server on which EC-CUBE resides, bu...
XML External Entity (XXE) Vulnerability in Hitachi Command Suite
Overview An XML External Entity (XXE) vulnerability exists in Hitachi Command Suite. Impact A malicious attacker might exploit this vulnerability to disclose arbitrary files. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
p++BBS vulnerable to cross-site scripting
Overview p++BBS provided by Let's PHP! contains a stored cross-site scripting vulnerability (CWE-79). Koki Takahashi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the...
Frame high-speed chat vulnerable to cross-site scripting
Overview Frame high-speed chat provided by Let's PHP! contains a cross-site scripting vulnerability (CWE-79). Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer...
JVN#72891124: p++BBS vulnerable to cross-site scripting
p++BBS provided by Let's PHP! contains a stored cross-site scripting vulnerability (CWE-79). Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected p++BBS...
JVN#35845584: Frame high-speed chat vulnerable to cross-site scripting
Frame high-speed chat provided by Let's PHP! contains a cross-site scripting vulnerability (CWE-79). Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected...
Apache Cordova vulnerable to improper application of whitelist restrictions
Overview Apache Cordova provided by the Apache Software Foundation is a framework for creating mobile applications for various platforms. Android applications built using Apache Cordova contain a vulnerability where whitelist restrictions are not properly applied. Muneaki Nishimura of Sony Digita...