CVE-2006-6400
JustSystems Hanako 2004-2006 - Buffer Overflow via Keyword or Title Field
Title source: llmDescription
Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.
References (7)
Core 7
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/jp/JVN%2347272891/index.html
Various Sources x_refsource_confirm
http://www.justsystem.co.jp/info/pd6005.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017336
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4857
Patch, Vendor Advisory x_refsource_misc
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/21445
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23185
Scores
EPSS
0.0303
EPSS Percentile
86.0%
Details
CWE
CWE-119
Status
published
Products (11)
justsystem/hanako
2004
justsystem/hanako
2005
justsystem/hanako
2006
justsystem/hanako_viewer
1.0
justsystem/ichitaro
justsystem/ichitaro
2005
justsystem/ichitaro
2006
justsystem/ichitaro_lite2
justsystem/ichitaro_lite2
r2
justsystem/ichitaro_viewer
4.0
... and 1 more
Published
Dec 10, 2006
Tracked Since
Feb 18, 2026