CVE-2022-36344

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:justsystems:atok_medical_2:*:*:*:*:*:windows:*:*
cpe:2.3:a:justsystems:atok_medical_3:*:*:*:*:*:windows:*:*
cpe:2.3:a:justsystems:atok_pro_3:*:*:*:*:*:windows:*:*
cpe:2.3:a:justsystems:atok_pro_4:*:*:*:*:*:windows:*:*
cpe:2.3:a:justsystems:atok_pro_5:*:*:*:*:*:windows:*:*
cpe:2.3:a:justsystems:hanako_police_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:hanako_police_6:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:hanako_police_7:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:hanako_pro_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:hanako_pro_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:hanako_pro_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:homepage_builder_20:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:homepage_builder_21:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:homepage_builder_22:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_government_10:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_government_8:-:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_government_9:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_pro_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_pro_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:ichitaro_pro_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_calc_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_calc_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_calc_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_focus_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_focus_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_frontier_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_government_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_government_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_government_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_government_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_jump_8:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_jump_class:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_jump_class_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_medical_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_medical_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_medical_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_medical_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_note_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_note_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_note_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_office_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_office_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_office_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_office_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_pdf_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_pdf_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_pdf_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_pdf_5:*:*:*:*:pro:*:*:*
cpe:2.3:a:justsystems:just_police_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_police_3:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_police_4:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_police_5:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_school_6:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_school_7:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_smile_6:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_smile_7:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_smile_8:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_smile_class_2:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:shuriken_pro_6:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:shuriken_pro_7:*:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:tri-de_dataprotect:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:12

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN57073973/index.html - Third Party Advisory () https://jvn.jp/en/jp/JVN57073973/index.html - Third Party Advisory
References () https://www.justsystems.com/jp/corporate/info/js22001.html - Vendor Advisory () https://www.justsystems.com/jp/corporate/info/js22001.html - Vendor Advisory

Information

Published : 2022-08-16 08:15

Updated : 2024-11-21 07:12


NVD link : CVE-2022-36344

Mitre link : CVE-2022-36344

CVE.ORG link : CVE-2022-36344


JSON object : View

Products Affected

justsystems

  • ichitaro_pro_4
  • just_office_3
  • atok_pro_4
  • just_office_5
  • just_calc_3
  • hanako_pro_4
  • just_police_4
  • just_school_7
  • just_government_4
  • ichitaro_government_8
  • just_focus_4
  • just_medical_5
  • just_note_5
  • just_smile_class_2
  • just_note_3
  • just_calc_5
  • just_government_2
  • just_police_5
  • just_smile_6
  • just_smile_7
  • hanako_police_6
  • just_medical_3
  • just_police_2
  • just_smile_8
  • just_government_3
  • just_office_2
  • just_jump_class_2
  • just_government_5
  • just_pdf_4
  • tri-de_dataprotect
  • atok_pro_5
  • hanako_police_5
  • just_focus_3
  • just_jump_8
  • just_pdf_3
  • just_medical_4
  • just_school_6
  • hanako_pro_3
  • hanako_police_7
  • atok_pro_3
  • ichitaro_government_9
  • just_medical_2
  • just_note_4
  • just_frontier_3
  • ichitaro_pro_3
  • just_jump_class
  • just_pdf_5
  • just_police_3
  • ichitaro_government_10
  • shuriken_pro_7
  • atok_medical_2
  • atok_medical_3
  • homepage_builder_20
  • homepage_builder_22
  • just_calc_4
  • just_office_4
  • hanako_pro_5
  • ichitaro_pro_5
  • shuriken_pro_6
  • homepage_builder_21
CWE
CWE-428

Unquoted Search Path or Element