Vulnerability Description
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Justsystems | Easy Postcard 2016 | - |
| Justsystems | Easy Postcard 2017 | - |
| Justsystems | Easy Postcard 2018 | - |
| Justsystems | Ichitaro 2016 | - |
| Justsystems | Ichitaro 2017 | - |
| Justsystems | Ichitaro 2017 Trial Version | - |
| Justsystems | Ichitaro 2018 | - |
| Justsystems | Ichitaro Government 6 | - |
| Justsystems | Ichitaro Government 7 | - |
| Justsystems | Ichitaro Government 8 | - |
| Justsystems | Ichitaro Pro | - |
| Justsystems | Ichitaro Pro 2 | - |
| Justsystems | Ichitaro Pro 2011 | - |
| Justsystems | Ichitaro Pro 3 | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/vu/JVNVU93703434/index.htmlThird Party AdvisoryVDB Entry
- https://www.justsystems.com/jp/info/js17003.htmlPatchVendor Advisory
- https://jvn.jp/en/vu/JVNVU93703434/index.htmlThird Party AdvisoryVDB Entry
- https://www.justsystems.com/jp/info/js17003.htmlPatchVendor Advisory
FAQ
What is CVE-2017-10870?
CVE-2017-10870 is a vulnerability with a CVSS score of 7.8 (HIGH). Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 20...
How severe is CVE-2017-10870?
CVE-2017-10870 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-10870?
Check the references section above for vendor advisories and patch information. Affected products include: Justsystems Easy Postcard 2016, Justsystems Easy Postcard 2017, Justsystems Easy Postcard 2018, Justsystems Ichitaro 2016, Justsystems Ichitaro 2017.