Back to KEVs

CVE-2007-6436

Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary...

Basic Information

CVE State
PUBLISHED
Reserved Date
December 18, 2007
Published Date
December 18, 2007
Last Updated
August 07, 2024
Vendor
JustSystems
Product
Ichitaro
Description
Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of these details are obtained from third party information.

CVSS Scores

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2007-12-18 20:00:00 UTC) Source

References

http://www.osvdb.org/39395 http://www.symantec.com/security_response/writeup.jsp?docid=2007-121308-3953-99 https://exchange.xforce.ibmcloud.com/vulnerabilities/39025 http://www.vupen.com/english/advisories/2007/4213 http://secunia.com/advisories/27992

Known Exploited Vulnerability Information

Source Added Date
CVE 2007-12-18 20:00:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel