HIGH🇵🇱 Wersja polska

CVE-2023-35126

CVSS 7.8v3.1pub. 2023-10-19upd. 2024-11-21

An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Justsystems Easy Postcard Max

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2021

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2022

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2023

    APP
    Justsystems
    1.0.1.59372
  • Justsystems Ichitaro Government 10

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Government 8

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Government 9

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 5

    APP
    Justsystems
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2022-36344CRITICAL9.8ten sam produkt

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with mu...

CVE-2023-38128HIGH7.8ten sam produkt

An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372...

CVE-2023-34366HIGH7.8ten sam produkt

A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372....

CVE-2023-38127HIGH7.8ten sam produkt

An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially cra...

CVE-2023-22291HIGH7.0ten sam produkt

An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A ...