High severity7.8NVD Advisory· Published Apr 28, 2017· Updated May 13, 2026
CVE-2017-2154
CVE-2017-2154
Description
Untrusted search path vulnerability in Hanako 2017, Hanako 2016, Hanako 2015, Hanako Pro 3, JUST Office 3 [Standard], JUST Office 3 [Eco Print Package], JUST Office 3 & Tri-De DataProtect Package, JUST Government 3, JUST Jump Class 2, JUST Frontier 3, JUST School 6 Premium, Hanako Police 5, JUST Police 3, Hanako 2017 trial version allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
Affected products
15cpe:2.3:a:justsystems:hanako:2015:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:justsystems:hanako:2015:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:hanako:2016:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:hanako:2017:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:hanako:2017:*:*:*:trial_version:*:*:*
- cpe:2.3:a:justsystems:hanako_police:5:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:hanako_pro:3:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:just_frontier:3:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:just_government:3:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:just_jump_class:2:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_office:3:*:*:*:eco_print_pack:*:*:*+ 2 more
- cpe:2.3:a:justsystems:just_office:3:*:*:*:eco_print_pack:*:*:*
- cpe:2.3:a:justsystems:just_office:3:*:*:*:standard:*:*:*
- cpe:2.3:a:justsystems:just_office:3:*:*:*:tri-de_dataprotect_pack:*:*:*
- cpe:2.3:a:justsystems:just_police:3:*:*:*:*:*:*:*
cpe:2.3:a:justsystems:just_school:6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:justsystems:just_school:6:*:*:*:*:*:*:*
- cpe:2.3:a:justsystems:just_school:6:*:*:*:premium:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- jvn.jp/en/jp/JVN54268888/index.htmlnvdThird Party AdvisoryVDB Entry
- www.justsystems.com/jp/info/js17002.htmlnvdVendor Advisory
News mentions
0No linked articles in our index yet.