JVN#24517322: Koritore vulnerable to URL whitelist bypass
Koritore provided by Newphoria Corporation Inc. is an application for both iOS and Android built using "applican". Koritore contains an issue where an arbitrary page may be loaded if the application is launched using the URL-scheme. Impact Android version of this app may allow an applican API to b...
PIXMA MG7500 Series vulnerable to cross-site request forgery
Overview PIXMA MG7500 Series provided by Canon Inc. contains a cross-site request forgery vulnerability. TOMITA Ryo of Fukuoka Junior High School attached to the Fukuoka University of Education (FUE) reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Japan Connected-free Wi-Fi vulnerable to script injection
Overview Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. is vulnerable to script injection when displaying malformed strings contained in SSID. Kenta Suefusa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass
Overview Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. contains an issue where an arbitrary page may be loaded if the application is launched with the URL-scheme. Kenta Suefusa and Tomonori Shiomi of Sprout Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with...
JVN#04644117: Japan Connected-free Wi-Fi vulnerable to allow URL whitelist bypass
Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. contains an issue where an arbitrary page may be loaded if the application is launched with the URL-scheme. Impact Android version of this app may allow an arbitrary API to be executed if permissions to execute that API are grant...
JVN#07427376: PIXMA MG7500 Series vulnerable to cross-site request forgery
PIXMA MG7500 Series provided by Canon Inc. contains a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged into the Remote UI, unintended operations may be performed. Solution Apply a Workaround The following workaround can mitigate the effects of this...
JVN#41048401: Japan Connected-free Wi-Fi vulnerable to script injection
Japan Connected-free Wi-Fi provided by NTT Broadband Platform, Inc. is vulnerable to script injection when displaying malformed strings contained in SSID. Impact When the device running the app connects to an access point and its SSID contains malicious script, the script may be executed. Solutio...
ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow
Overview ELPhoneBtnV6 ActiveX control was used for the "Click to Live" service provided by FreeBit Co., Ltd. Although the "Click to Live" service has been discontinued, PCs that used the "Click to Live" service may still have the ActiveX control installed. ELPhoneBtnV6 ActiveX control, which is provided ...
JVN#62078684: ELPhoneBtnV6 ActiveX control vulnerable to buffer overflow
ELPhoneBtnV6 ActiveX control was used for the "Click to Live" service provided by FreeBit Co., Ltd. Although the "Click to Live" service has been discontinued, PCs that used the "Click to Live" service may still have the ActiveX control installed. ELPhoneBtnV6 ActiveX control, which is provided by the fi...
OpenDocMan vulnerable to cross-site scripting
Overview OpenDocMan is a document management system (DMS). OpenDocMan contains a cross-site scripting vulnerability due to a processing flaw in the "redirection" parameter. Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer...
Apache Struts vulnerable to cross-site scripting
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a cross-site scripting vulnerability when devMode is left turned on. Masaki Yoshikawa of LAC Co., Ltd. reported this vulnerability to IPA. JPCERT/CC...
Apache Struts vulnerable to cross-site scripting
Overview Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Apache Struts is vulnerable to cross-site scripting when JSP files can be accessed directly. Takayoshi Isayama of Mitsui Bussan Secure Directions, Inc. reported this...
JVN#95989300: Apache Struts vulnerable to cross-site scripting
Apache Struts provided by the Apache Software Foundation is a software framework for creating Java web applications. Apache Struts contains a cross-site scripting vulnerability when devMode is left turned on. Impact An arbitrary script may be executed on the user's web browser. Solution Update th...
JVN#00015036: OpenDocMan vulnerable to cross-site scripting
OpenDocMan is a document management system (DMS). OpenDocMan contains a cross-site scripting vulnerability due to a processing flaw in the "redirection" parameter. Impact An arbitrary script may be executed on the user's Mozilla Firefox. Solution Update the software Update to the latest version...
JVN#88408929: Apache Struts vulnerable to cross-site scripting
Apache Struts provided by the Apache Software Foundation is a software framework for creating web applications in Java. Apache Struts is vulnerable to cross-site scripting when JSP files can be accessed directly. Impact An arbitrary script may be executed on the user's Internet Explorer when the...
BBS X102 vulnerable to cross-site scripting
Overview BBS X102 provided by guide-park.com is bulletin board software. BBS X102 contains a cross-site scripting vulnerability. During the meeting of the Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this vulnerabili...
hitSuji (rktSNS2) vulnerable to cross-site scripting
Overview hitSuji (rktSNS2) provided by rakuto.net is open source SNS software. hitSuji (rktSNS2) contains a cross-site scripting vulnerability. During the meeting of the Committee for authorizing the disclosure of unresolved vulnerabilities held on May 26, 2015, it was judged that an advisory for this...
JVN#13684924: BBS X102 vulnerable to cross-site scripting
BBS X102 provided by guide-park.com is bulletin board software. BBS X102 contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Consider discontinuing use of BBS X102 Ver1.03 Since the developer was unreachable, existence of any...
JVN#24692261: hitSuji (rktSNS2) vulnerable to cross-site scripting
hitSuji (rktSNS2) provided by rakuto.net is open source SNS software. hitSuji (rktSNS2) contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Consider discontinuing use of hitSuji (rktSNS2) 0.2.2b Since the developer was unreachable,...
NScripter vulnerable to buffer overflow
Overview NScripter is a script engine to build and execute games. NScripter contains a buffer overflow vulnerability due to a flaw in processing save data. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
JVN#08494613: NScripter vulnerable to buffer overflow
NScripter is a script engine to build and execute games. NScripter contains a buffer overflow vulnerability due to a flaw in processing save data. Impact By processing specially crafted save data, arbitrary code may be executed. Solution For developers using NScripter: Update and Rebuild the Ga...
Twit BBS vulnerable to cross-site scripting
Overview Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting (CWE-79) vulnerability due to the processing of the imagetitle parameter in index.php. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Rakuten card App for iOS fails to verify SSL server certificates
Overview Rakuten card App for iOS provided by Rakuten Card Co., Ltd. fails to verify SSL server certificates. AOKI Keiichi reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack may allow...
desknet's NEO vulnerable to directory traversal
Overview desknet's NEO provided by NEOJAPAN Inc. contains a directory traversal (CWE-22) vulnerability where it fails to verify the html parameter in zhtml.cgi. Hiroyuki Yamashita of M Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early...
JVN#09283606: desknet's NEO vulnerable to directory traversal
desknet's NEO provided by NEOJAPAN Inc. contains a directory traversal (CWE-22) vulnerability where it fails to verify the html parameter in zhtml.cgi. Impact An authenticated attacker may view arbitrary files on the server. Solution Update the Software Update to the latest version according to the...
JVN#81207766: Rakuten card App for iOS fails to verify SSL server certificates
Rakuten card App for iOS provided by Rakuten Card Co., Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information provided ...
JVN#77193915: Twit BBS vulnerable to cross-site scripting
Twit BBS provided by LEMON-S PHP contains a persistent cross-site scripting (CWE-79) vulnerability due to the processing of the imagetitle parameter in index.php. Impact An arbitrary script may be executed on the user's web browser. Solution Do not use Twit BBS Twit BBS is no longer being developed or...
File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted
Overview File encryption software "ED" contains an issue where, when files of small size are encrypted, they may become easier to decipher than when files of a larger size are encrypted. When encrypting small files that are smaller than the block size (128 bits), file encryption software "ED"...
JVN#91474878: File Encryption Software "ED" where encrypted data may be easier to decipher when files of small size are encrypted
File encryption software "ED" contains an issue where, when files of small size are encrypted, they may become easier to decipher than when files of a larger size are encrypted. When encrypting small files that are smaller than the block size (128 bits), file encryption software "ED" encrypts...
Apache Tapestry deserializes untrusted data
Overview Apache Tapestry contains a vulnerability where it may deserialize untrusted data. Apache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the...
JVN#17611367: Apache Tapestry deserializes untrusted data
Apache Tapestry is a framework for creating Java web applications. Apache Tapestry contains an interface where client side serialized data sent to the server is deserialized after it is received by the server. This data serialization / deserialization process does not contain data validation...
Multiple I-O DATA LAN routers vulnerable in UPnP functionality
Overview A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as an SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that...
JVN#17964918: Multiple I-O DATA LAN routers vulnerable in UPnP functionality
A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as an SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that the suppo...
Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site request forgery
Overview Photo Gallery CMS for PC, smartphone and feature phone (Free) provided by PHP Kobo contains a cross-site request forgery (CWE-352) vulnerability in admin.php. Yuji Tounai of NTT Com Security (Japan) KK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Informatio...
Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site scripting
Overview Photo Gallery CMS for PC, smartphone and feature phone (Free) provided by PHP Kobo contains a cross-site scripting (CWE-79) vulnerability in admin.php. Yuji Tounai of NTT Com Security (Japan) KK reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
Microsoft Office discloses a file path of a local file
Overview When a file such as clip art or an image is inserted in Office documents, the absolute path of the local file is stored in "alternative text". Yosuke HASEGAWA of SecureSky Technology Inc. and Miyuki Chikara of MARUS JAPAN Inc. reported this vulnerability to IPA. JPCERT/CC coordinated wi...
JVN#20459920: Microsoft Office discloses a file path of a local file
When a file such as clip art or an image is inserted in Office documents, the absolute path of the local file is stored in "alternative text". Impact An attacker may obtain information about the file system or the user name through Office documents. Solution Upgrade the Software Upgrade to the...
JVN#69175956: Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site scripting
Photo Gallery CMS for PC, smartphone and feature phone (Free) provided by PHP Kobo contains a cross-site scripting (CWE-79) vulnerability in admin.php. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Replace admin.php with a new version according to...
JVN#78240242: Photo Gallery CMS for PC, smartphone and feature phone (Free) vulnerable to cross-site request forgery
Photo Gallery CMS for PC, smartphone and feature phone (Free) provided by PHP Kobo contains a cross-site request forgery (CWE-352) vulnerability in admin.php. Impact If a user views a malicious page while logged in, unintended operations may be performed. Solution Update the Software Replace admin.ph...
Yodobashi App for Android vulnerable to arbitrary Java method execution
Overview Yodobashi App for Android provided by Yodobashi Camera Co.,Ltd. contains a vulnerability where an arbitrary Java method may be executed. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impa...
Yodobashi App for Android fails to verify SSL server certificates
Overview Yodobashi App for Android provided by Yodobashi Camera Co.,Ltd. fails to verify SSL server certificates. Kusano Kazuhiko reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A man-in-the-middle attack ma...
JVN#29053368: Yodobashi App for Android fails to verify SSL server certificates
Yodobashi App for Android provided by Yodobashi Camera Co.,Ltd. fails to verify SSL server certificates. Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. Solution Update the Software Update to the latest version according to the information...
JVN#70465405: Yodobashi App for Android vulnerable to arbitrary Java method execution
Yodobashi App for Android provided by Yodobashi Camera Co.,Ltd. contains a vulnerability where an arbitrary Java method may be executed. Impact When opening a specially crafted website, an attacker may be able to execute an arbitrary Java method. As a result, information stored in Android devices...
yoyaku_v41 vulnerable to OS command injection
Overview yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains an OS command injection vulnerability (CWE-78). Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
yoyaku_v41 vulnerable to authentication bypass
Overview yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains an authentication bypass vulnerability (CWE-592). Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...
yoyaku_v41 vulnerable to arbitrary file creation
Overview yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains a vulnerability that may allow a remote attacker to create arbitrary files (CWE-20). Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
JVN#52248864: yoyaku_v41 vulnerable to authentication bypass
yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains an authentication bypass vulnerability (CWE-592). Impact A remote attacker could bypass yoyaku_v41's authentication and make an unintended reservation. Solution Do not use yoyaku_v41...
JVN#17522792: yoyaku_v41 vulnerable to OS command injection
yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains an OS command injection vulnerability (CWE-78). Impact An arbitrary OS command may be executed with the privileges of the web server on the server where yoyaku_v41 is running. Solution Do no...
JVN#46674982: yoyaku_v41 vulnerable to arbitrary file creation
yoyaku_v41 provided by Webservice-DIC is software to manage conference room reservations. yoyaku_v41 contains a vulnerability that may allow a remote attacker to create arbitrary files (CWE-20). Impact An arbitrary file created by an attacker may result in arbitrary code being executed on the serve...
Gazou BBS plus vulnerability in file upload processing
Overview Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An image file may be specially crafted t...