CVE-2006-6400

critical

Description

Buffer overflow in JustSystems Hanako 2004 through 2006, Hanako viewer 1.x, Ichitaro 2004, Ichitaro 2005, Ichitaro Lite2, Ichitaro viewer 4.x, and Sanshiro 2005 allows remote attackers to execute arbitrary code via the (1) Keyword and (2) Title fields, related to string length fields.

References

http://www.vupen.com/english/advisories/2006/4857

http://www.securityfocus.com/bid/21445

http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/92_e.html

http://www.justsystem.co.jp/info/pd6005.html

http://securitytracker.com/id?1017336

http://secunia.com/advisories/23185

http://jvn.jp/jp/JVN%2347272891/index.html

Details

Source: Mitre, NVD

Published: 2006-12-10

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.04663