Java's Vulnerabilities in HULFT Products
July 28, 2017
Dear Customers
Saison Information Systems Co., Ltd.
HULFT Division
This is a report regarding the Java's vulnerabilities (such as CVE-2017-10110) in HULFT Series products.
1. Vulnerability Information
Vulnerabilities in Java have been announced (such as CVE-2017-10110). If misused by attackers, any code (command) can be executed and may control your computer.
You can learn more here:
2. Investigation Status
We would like to explain the effects of the vulnerabilities mentioned above on HULFT Series products.
The following is the HULFT Series Products Investigation Status as of 9:00 on July 28th, 2017
| Product Name | Investigation Status |
| HULFT | No effect |
| HULFT8 Script Option | The following five vulnerability effects are found: CVE-2017-10115, CVE-2017-10118, CVE-2017-10176, CVE-2017-10135, CVE-2017-10198 Since HULFT8 Script Option uses Java, which is already included in the products, HULFT does not guarantee if you update by yourself and/or use the external Java. Please do not execute Java update at your end. We are planning to modify at the future release. The release time is not scheduled yet. We will keep you updated the information once we finalize the release time. |
| HULFT IoT | The following seven vulnerability effects are found: CVE-2017-10108, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10176, CVE-2017-10135, CVE-2017-10198 For customers who are using Oracle Java, please apply the latest update to your Java Runtime Environment version. |
| HULFT-HUB | No effect |
| HULFT-DataMagic(Ver.2) DataMagic(Ver.3) |
No effect |
| HULFT-WebFT (Ver.2) HULFT-WebFileTransfer (Ver.3) |
The following seven vulnerability effects are found: CVE-2017-10108, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10176, CVE-2017-10135, CVE-2017-10198 For customers who are using Oracle Java, please apply the latest update to your Java Runtime Environment version. |