CVE-2006-6400

Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.

Published: Dec 10, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-6400
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
justsystem / ichitaro	-	-
justsystem / ichitaro_lite2	r2	r2.x
justsystem / hanako	2004	2004.x
justsystem / sanshiro	2005	2005.x
justsystem / hanako	2006	2006.x
justsystem / ichitaro	2006	2006.x
justsystem / ichitaro_viewer	4.0	4.0.x
justsystem / ichitaro	2005	2005.x
justsystem / ichitaro_lite2	-	-
justsystem / hanako_viewer	1.0	1.0.x
justsystem / hanako	2005	2005.x

http://jvn.jp/jp/JVN%2347272891/index.html
http://secunia.com/advisories/23185
http://securitytracker.com/id?1017336
http://www.justsystem.co.jp/info/pd6005.html
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html
http://www.securityfocus.com/bid/21445
http://www.vupen.com/english/advisories/2006/4857

Vulnerability Database

289,782

CVE-2006-6400