HIGH🇵🇱 Wersja polska

CVE-2017-2791

CVSS 7.5v3.0pub. 2017-02-24upd. 2026-05-13

JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application.

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Justsystems Ichitaro

    APP
    Justsystems
    2016
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2017-2789HIGH8.8ten sam produkt

When copying filedata into a buffer, JustSystems Ichitaro Office 2016 Trial will calculate two values to deter...

CVE-2017-2790HIGH8.8ten sam produkt

When processing a record type of 0x3c from a Workbook stream from an Excel file (.xls), JustSystems Ichitaro O...

CVE-2014-7247HIGH10.0ten sam produkt

Unspecified vulnerability in JustSystems Ichitaro 2008 through 2011; Ichitaro Government 6, 7, 2008, 2009, and...

CVE-2014-2003HIGH7.6ten sam produkt

JustSystems JUST Online Update, as used in Ichitaro through 2014 and other products, does not properly validat...

CVE-2013-5990HIGH9.3ten sam produkt

Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 throug...