PT-2013-1373 · Justsystems · Atok+2

Taku Kudo

Published

2013-01-18

Updated

2013-01-29

CVE-2009-4738

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions JustSystems Corporation ATOK versions 2006 through 2009 JustSystems Corporation ATOK flat-rate service Just Smile 4 with the ATOK Smile module

Description The issue allows physically proximate users to bypass the screen lock and execute commands with system privileges. This is related to launching external applications, but the exact vectors are unknown.

Recommendations For JustSystems Corporation ATOK versions 2006 through 2009, update to a version that addresses the issue of bypassing screen lock and executing commands with system privileges. For JustSystems Corporation ATOK flat-rate service, update to a version that addresses the issue of bypassing screen lock and executing commands with system privileges. For Just Smile 4 with the ATOK Smile module, update to a version that addresses the issue of bypassing screen lock and executing commands with system privileges.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2009-4738

Affected Products

Atok

Atok Flat-Rate Service

Just Smile 4

PT-2013-1373 · Justsystems · Atok+2

CVE-2009-4738

Related Identifiers

Affected Products

References · 6