CVE-2014-2003

Name of the Vulnerable Software and Affected Versions JustSystems JUST Online Update versions prior to the version that includes the fix for this issue

Description The issue is related to the improper validation of signatures of update modules, which allows remote attackers to spoof modules and execute arbitrary code via a crafted signature. This affects products such as Ichitaro through 2014.

Recommendations For JustSystems JUST Online Update, update to a version that properly validates signatures of update modules to prevent remote attackers from spoofing modules and executing arbitrary code.