Lucene search
K

5625 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/17 9:30 a.m.•3 views

AttacheCase may insecurely load executable files

Overview AttacheCase may use unsafe methods for determining how to load executables .exe. AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search pat...

6.9CVSS7.5AI score0.00287EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/17 12:0 a.m.•34 views

JVN#02175694: AttacheCase may insecurely load executable files

AttacheCase is a file encryption/decryption software. AttacheCase loads certain executables .exe when decrypting files, if certain settings are applied. AttacheCase contains an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code wi...

6.9CVSS7.2AI score0.00287EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:20 a.m.•2 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific ISO-2022-JP encoded characters, which may result in cross-site...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:19 a.m.•2 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific EUC-JP or ShiftJIS encoded characters, which may result in cross-site...

4.3CVSS5.9AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:19 a.m.•2 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a vulnerability in handling specific character encoding which may result in a cross-site scripting attack. Microsoft Internet Explorer contains a vulnerability in handling specific UTF-7 encoded characters, which may result in cross-site scripting. Fo...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 9:18 a.m.•4 views

Internet Explorer vulnerable to cross-site scripting

Overview Microsoft Internet Explorer contains a cross-site scripting vulnerability due to the way file types are determined. Microsoft Internet Explorer contains a vulnerability in handling Content-Type, which may result in cross-site scripting. For more information, refer to the information...

4.3CVSS5.8AI score0.13615EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 12:0 a.m.•36 views

JVN#30273074: Internet Explorer vulnerable to cross-site scripting

Microsoft Internet Explorer contains a vulnerability in handling specific UTF-7 encoded characters, which may result in cross-site scripting. Impact An arbitrary script may be executed. Solution Update the Software Apply the latest update according to the information provided by Microsoft. Produc...

4.3CVSS5.8AI score0.13615EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 12:0 a.m.•38 views

JVN#33301529: Internet Explorer vulnerable to cross-site scripting

Microsoft Internet Explorer contains a vulnerability in handling specific ISO-2022-JP encoded characters, which may result in cross-site scripting. Impact An arbitrary script may be executed. Solution Update the Software Apply the latest update according to the information provided by Microsoft...

4.3CVSS5.7AI score0.13615EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 12:0 a.m.•50 views

JVN#21120853: Internet Explorer vulnerable to cross-site scripting

Microsoft Internet Explorer contains a vulnerability in handling specific EUC-JP or ShiftJIS encoded characters, which may result in cross-site scripting. Impact An arbitrary script may be executed. Solution Update the Software Apply the latest update according to the information provided by...

4.3CVSS5.9AI score0.13615EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/15 12:0 a.m.•41 views

JVN#62275332: Internet Explorer vulnerable to cross-site scripting

Microsoft Internet Explorer contains a vulnerability in handling Content-Type, which may result in cross-site scripting. Impact An arbitrary script may be executed. Solution Update the Software Apply the latest update according to the information provided by Microsoft. Products Affected Internet...

4.3CVSS5.9AI score0.13615EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/14 6:21 a.m.•3 views

EUR Form Client Arbitrary File Execution Vulnerability

Overview EUR Form Client has an arbitrary file execution vulnerability. Impact A remote attacker could execute arbitrary file on the affected system. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

10CVSS7.5AI score0.05265EPSS
Exploits0References4
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/14 6:18 a.m.•4 views

Interstage Application Server Information Disclosure Vulnerability

Overview Interstage Application Server has an information disclosure vulnerability when used in a J2EE environment. Impact By taking the specific steps, a remote attacker could access the files and directories in the server to which J2EE applications are deployed, and the confidential information...

7.8CVSS6.3AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 9:28 a.m.•2 views

Movable Type vulnerable to SQL injection

Overview Movable Type contains SQL injection vulnerability. Movable Type, a web log system from Six Apart KK, contains a SQL injection vulnerability. Impact A remote attacker may view or modify information stored by the product. Solution Update the Software Update to the latest version according ...

7.5CVSS7.6AI score0.01286EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 9:26 a.m.•3 views

Movable Type vulnerable to cross-site scripting

Overview Movable Type contains a cross-site scripting vulnerability. Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on t...

4.3CVSS6.2AI score0.0125EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 9:25 a.m.•3 views

Vulnerability in Epson printer driver installer where access permissions are changed

Overview A vulnerability in printer driver installers provided by Epson cause access permissions to a certain folder on the system to be changed. When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files C:\Program Files are changed. A...

4.6CVSS6.7AI score0.00311EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 12:0 a.m.•21 views

JVN#36673836: Movable Type vulnerable to cross-site scripting

Movable Type, a web log system from Six Apart KK, contains a cross-site scripting vulnerability. This vulnerability is different than the previous vulnerabilities disclosed on JVN. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the...

4.3CVSS6AI score0.0125EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 12:0 a.m.•42 views

JVN#62736872: Vulnerability in Epson printer driver installer where access permissions are changed

When printer drivers provided by Epson are installed, the access permissions for the folder that contains program files C:\Program Files are changed. As a result, users that do not have permission to access that folder can gain access to that folder. Impact A user that does not have permission to...

4.6CVSS6.5AI score0.00311EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/08 12:0 a.m.•26 views

JVN#78536512: Movable Type vulnerable to SQL injection

Movable Type, a web log system from Six Apart KK, contains a SQL injection vulnerability. Impact A remote attacker may view or modify information stored by the product. Solution Update the Software Update to the latest version according to the information provided by the developer. Products...

7.5CVSS7AI score0.01286EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 11:27 a.m.•3 views

Clipboard contents alteration vulnerability in Grani

Overview Grani contains a vulnerability in which the contents of the clipboard may be altered. Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the...

5.8CVSS6.5AI score0.00867EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 11:27 a.m.•3 views

Clipboard contents alteration vulnerability in Sleipnir

Overview Sleipnir contains a vulnerability in which the contents of the clipboard may be altered. Sleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the conten...

5.8CVSS6.5AI score0.01007EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 12:0 a.m.•19 views

JVN#64764004: Clipboard contents alteration vulnerability in Sleipnir

Sleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the contents of the clipboard may be read or written from a website. Impact Contents contained in the...

5.8CVSS6.1AI score0.01007EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/12/01 12:0 a.m.•31 views

JVN#76662040: Clipboard contents alteration vulnerability in Grani

Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the clipboard may be read or written from a website. Impact Contents contained in the clipboard ma...

5.8CVSS6.1AI score0.00867EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/26 8:32 a.m.•6 views

Google Chrome information disclosure vulnerability

Overview Google Chrome contains an information disclosure vulnerability. Google Chrome contains an information disclosure vulnerability caused by the improper handling of XML files. Takayoshi Isayama from Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC...

6.5CVSS6.2AI score0.00761EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/26 8:16 a.m.•1 views

Safari address bar spoofing vulnerability

Overview Safari contains a vulnerability where the URL displayed in the address may be spoofed. Safari contains a vulnerability where the address bar displays a character string that looks like a different URL than the URL that is being accessed. Impact Phishing attacks may be possible, due to th...

4.3CVSS6.5AI score0.02981EPSS
Exploits0References10
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/26 12:0 a.m.•34 views

JVN#46026251: Safari address bar spoofing vulnerability

Safari contains a vulnerability where the address bar displays a character string that looks like a different URL than the URL that is being accessed. Impact Phishing attacks may be possible, due to the difficulty in determining that the URL displayed in the address bar and the URL being accessed...

4.3CVSS5.8AI score0.02981EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/26 12:0 a.m.•29 views

JVN#36765384: Google Chrome information disclosure vulnerability

Google Chrome contains an information disclosure vulnerability caused by the improper handling of XML files. Impact When viewing a specially crafted web page, information may be disclosed. Solution Update the Software Update to the latest version according to the information provided by the...

6.5CVSS6.1AI score0.00761EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/09 10:59 a.m.•2 views

Flash Player access restriction bypass vulnerability

Overview Flash Player contains an access restriction bypass vulnerability. When Flash Player references a different website than the site where Flash contents are hosted, the referenced site must be allowed access by the cross-domain policy file. Flash Player contains a vulnerability where access...

9.3CVSS6.1AI score0.05256EPSS
Exploits0References16
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/09 12:0 a.m.•33 views

JVN#48425028: Flash Player access restriction bypass vulnerability

When Flash Player references a different website than the site where Flash contents are hosted, the referenced site must be allowed access by the cross-domain policy file. Flash Player contains a vulnerability where access restrictions set by the cross-domain policy file may be bypassed. Impact...

9.3CVSS8.1AI score0.05256EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/04 10:11 a.m.•2 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from JVN19173793, and other issues that were previously published on JVN. Impact When opening a specially crafted file...

9.3CVSS8AI score0.05557EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/04 10:10 a.m.•3 views

Ichitaro series vulnerable to arbitrary code execution

Overview The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. This vulnerability differs from JVN01948274, and other issues that were previously published on JVN. Impact When opening a specially crafted file...

9.3CVSS8AI score0.06065EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/04 12:0 a.m.•37 views

JVN#01948274: Ichitaro series vulnerable to arbitrary code execution

The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. Impact When opening a specially crafted file locally or through a website, an attacker may be able to execute arbitrary code. Solution Update the Software...

9.3CVSS6.9AI score0.05557EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/04 12:0 a.m.•25 views

JVN#19173793: Ichitaro series vulnerable to arbitrary code execution

The "Ichitaro" series word processing software, from JustSystems Corporation contains a vulnerability that may allow arbitrary code execution. Impact When opening a specially crafted file locally or through a website, an attacker may be able to execute arbitrary code. Solution Update the Software...

9.3CVSS6.9AI score0.06065EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/01 9:51 a.m.•4 views

GVim may insecurely load dynamic libraries

Overview GVim may use unsafe methods for determining how to load DLLs. GVim is a text editor. GVim loads certain DLL's when TXT files are opened. GVim contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Makoto Shiotsuki reported this vulnerability t...

9.3CVSS7.5AI score0.09263EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/11/01 12:0 a.m.•26 views

JVN#27868039: GVim may insecurely load dynamic libraries

GVim is a text editor. GVim loads certain DLL's when TXT files are opened. GVim contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update the...

9.3CVSS7.1AI score0.09263EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/29 11:36 a.m.•4 views

Active! mail 6 vulnerable to HTTP header injection

Overview Active! mail 6 from TransWARE Co. contains a HTTP header injection vulnerability. Active! mail 6 from TransWARE Co. is a web-based email software. Active! mail 6 contains a HTTP header injection vulnerability. Taketo Ikeuchi of Hitachi Solutions, Ltd. reported this vulnerability to IPA...

4.3CVSS7AI score0.01104EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/29 12:0 a.m.•29 views

JVN#72541530: Active! mail 6 vulnerable to HTTP header injection

Active! mail 6 from TransWARE Co. is a web-based email software. Active! mail 6 contains a HTTP header injection vulnerability. Impact Falsified information may be displayed or an arbitrary script may be executed on the user's web browser. HTTP response splitting attacks are also possible. Soluti...

4.3CVSS6.7AI score0.01104EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/26 7:52 a.m.•2 views

Apsaly may insecurely load executable files

Overview Apsaly may use unsafe methods for determining how to load executables .exe. Apsaly is a text editor that can interact with other applications. Apsaly loads certain executables when opening the folder that contains the file that is being edited, or when a particular sequence of actions ar...

6.9CVSS7.3AI score0.00283EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/26 7:51 a.m.•6 views

TeraPad may insecurely load dynamic libraries

Overview TeraPad may use unsafe methods for determining how to load DLLs. TeraPad is a text editor. TeraPad loads certain DLL's when TXT files are opened. TeraPad contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Makoto Shiotsuki reported this...

6.9CVSS7.5AI score0.00283EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/25 8:43 a.m.•1 views

Multiple Yokka provided products may insecurely load executable files

Overview Multiple products provided by Yokka may use unsafe methods for determining how to load executables .exe. Multiple products provided by Yokka such as text editors, contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerabili...

6.9CVSS7.5AI score0.00279EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/25 8:43 a.m.•4 views

Sleipnir and Grani may insecurely load executable files

Overview Sleipnir and Grani may use unsafe methods for determining how to load executables .exe. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain ...

6.9CVSS7.4AI score0.00295EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/25 8:42 a.m.•3 views

Sleipnir and Grani may insecurely load dynamic libraries

Overview Sleipnir and Grani may use unsafe methods for determining how to load DLLs. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurel...

6.9CVSS7.4AI score0.00287EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/22 12:0 a.m.•28 views

JVN#07497935: Multiple Yokka provided products may insecurely load executable files

Multiple products provided by Yokka such as text editors, contain an issue with the file search path, which may insecurely load executables. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update the Software Update to the latest version...

6.9CVSS7.3AI score0.00279EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/22 12:0 a.m.•33 views

JVN#89272705: Sleipnir and Grani may insecurely load executable files

Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables. Impact An attacker may...

6.9CVSS7.1AI score0.00295EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/22 12:0 a.m.•39 views

JVN#50610528: Sleipnir and Grani may insecurely load dynamic libraries

Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the...

6.9CVSS7.2AI score0.00287EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/21 12:0 a.m.•33 views

JVN#71138390: Apsaly may insecurely load executable files

Apsaly is a text editor that can interact with other applications. Apsaly loads certain executables when opening the folder that contains the file that is being edited, or when a particular sequence of actions are performed. Apsaly contains an issue with the file search path, which may insecurely...

6.9CVSS7.3AI score0.00283EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/21 12:0 a.m.•54 views

JVN#48097065: TeraPad may insecurely load dynamic libraries

TeraPad is a text editor. TeraPad loads certain DLL's when TXT files are opened. TeraPad contains an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Impact An attacker may execute arbitrary code with the privilege of running the application. Solution Update...

6.9CVSS7.2AI score0.00283EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•3 views

Archive Decoder may insecurely load executable files

Overview Archive Decoder may use unsafe methods for determining how to load executables .exe. Archive Decoder is a file extraction software that supports multiple file en extracting files. Archive Decoder contains an issue with the file search path, which may insecurely load executables. Makoto...

6.9CVSS7.5AI score0.00283EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•3 views

Explzh may insecurely load executable files

Overview Explzh may use unsafe methods for determining how to load executables .exe. Explzh is a file compression/extraction software supporting multiple file formats. Explzh loads certain executables .exe when extracting files. Explzh contains an issue with the file search path, which may...

6.9CVSS7.5AI score0.00365EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:41 a.m.•2 views

K2Editor may insecurely load executable files

Overview K2Editor may use unsafe methods for determining how to load executables .exe. K2Editor is a text editor. K2Editor loads certain executables .exe when opening the folder that contains the text file that is being edited. K2Editor contains an issue with the file search path, which may...

6.9CVSS7.5AI score0.00279EPSS
Exploits0References7
Japan Vulnerability Notes
Japan Vulnerability Notes
•added 2010/10/20 8:40 a.m.•3 views

XacRett may insecurely load executable files

Overview XacRett may use unsafe methods for determining how to load executables .exe. XacRett is a file extraction software that supports many file formats. XacRett loads certain executables .exe when extracting files. XacRett contains an issue with the file search path, which may insecurely load...

9.3CVSS7.5AI score0.02218EPSS
Exploits0References9
Total number of security vulnerabilities5625