CVE Tools

justsystems

Enterprise SoftwareJPcommercial

28

Cumulative CVEs

17

Monthly snapshots

#34

Peak rank

Top products

easy postcard max4 ichitaro 20214 ichitaro 20224

Latest CVEs

The 15 most recently published vulnerabilities affecting justsystems.

CVE-2023-38127An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later a...7.8Oct 19, 2023
CVE-2023-34366A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code ...7.8Oct 19, 2023
CVE-2023-38128An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause a type confusion, which can lead to memory cor...7.8Oct 19, 2023
CVE-2023-35126An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of...7.8Oct 19, 2023
CVE-2022-43664A use-after-free vulnerability exists within the way Ichitaro Word Processor 2022, version 1.0.1.57600, processes protected documents. A specially crafted document can trigger reuse of freed memory...7.8Apr 5, 2023
CVE-2022-45115A buffer overflow vulnerability exists in the Attribute Arena functionality of Ichitaro 2022 1.0.1.57600. A specially crafted document can lead to memory corruption. An attacker can provide a malic...7.8Apr 5, 2023
CVE-2023-22660A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overf...7.0Apr 5, 2023
CVE-2023-22291An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A specially crafted document can lead to an attempt to free a stack pointer, which causes...7.0Apr 5, 2023
CVE-2022-36344An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the a...9.8Aug 16, 2022
CVE-2022-1542HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting4.8May 30, 2022
CVE-2017-10870Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro...7.8Nov 2, 2017
CVE-2017-2154Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, ...7.8Apr 28, 2017
CVE-2017-2791JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a functi...7.5Feb 24, 2017
CVE-2017-2790When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro Office trusts that the size is greater than zero, subtracts one from the length, and use...8.8Feb 24, 2017
CVE-2017-2789When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to determine how much data to copy from the document. If both of these values are larger than t...8.8Feb 24, 2017