Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2022-36344

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect.

  • Published: Aug 16, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-36344
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
justsystems / hanako_police_7 - -
justsystems / hanako_police_6 - -
justsystems / hanako_police_5 - -
justsystems / just_smile_7 - -
justsystems / just_smile_8 - -
justsystems / just_smile_class_2 - -
justsystems / just_government_2 - -
justsystems / just_government_5 - -
justsystems / just_government_4 - -
justsystems / homepage_builder_21 - -
justsystems / homepage_builder_22 - -
justsystems / just_school_7 - -
justsystems / just_school_6 - -
justsystems / homepage_builder_20 - -
justsystems / shuriken_pro_6 - -
justsystems / just_pdf_4 - -
justsystems / just_pdf_3 - -
justsystems / shuriken_pro_7 - -
justsystems / just_pdf_5 - -
justsystems / just_focus_4 - -
justsystems / just_focus_3 - -
justsystems / just_note_5 - -
justsystems / just_note_4 - -
justsystems / just_note_3 - -
justsystems / just_calc_5 - -
justsystems / just_calc_3 - -
justsystems / just_calc_4 - -
justsystems / ichitaro_pro_4 - -
justsystems / ichitaro_pro_5 - -
justsystems / hanako_pro_3 - -
justsystems / hanako_pro_4 - -
justsystems / hanako_pro_5 - -
justsystems / atok_pro_4 - -
justsystems / atok_pro_5 - -
justsystems / atok_medical_2 - -
justsystems / just_frontier_3 - -
justsystems / just_smile_6 - -
justsystems / just_jump_class_2 - -
justsystems / just_jump_8 - -
justsystems / just_jump_class - -
justsystems / tri-de_dataprotect - -
justsystems / atok_medical_3 - -
justsystems / atok_pro_3 - -
justsystems / ichitaro_pro_3 - -
justsystems / just_medical_4 - -
justsystems / just_medical_3 - -
justsystems / just_medical_2 - -
justsystems / just_medical_5 - -
justsystems / just_police_4 - -
justsystems / just_police_3 - -
justsystems / just_police_2 - -
justsystems / ichitaro_government_9 - -
justsystems / ichitaro_government_10 - -
justsystems / just_police_5 - -
justsystems / just_government_3 - -
justsystems / just_office_4 - -
justsystems / just_office_2 - -
justsystems / just_office_5 - -
justsystems / just_office_3 - -