Description
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://jvn.jp/en/vu/JVNVU93703434/index.html
Patch, Vendor Advisory x_refsource_misc
https://www.justsystems.com/jp/info/js17003.html
Scores
CVSS v3
7.8
EPSS
0.0131
EPSS Percentile
67.2%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (28)
Justsystem/Rakuraku Hagaki
Rakuraku Hagaki 2016
Justsystem/Rakuraku Hagaki
Rakuraku Hagaki 2017
Justsystem/Rakuraku Hagaki
Rakuraku Hagaki 2018
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro 2011
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro 2015
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro 2016
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro 2017
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro 2017 Trial version
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro Government 6
Justsystem/Rakuraku Hagaki Select for Ichitaro
Ichitaro Government 7
... and 18 more
Published
Nov 02, 2017
Tracked Since
Feb 18, 2026