CVE-2007-5687
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.303 Low
EPSS
Percentile
97.0%
Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.
Affected configurations
References
jvn.jp/jp/JVN%2329211062/index.html
jvn.jp/jp/JVN%2332981509/index.html
jvn.jp/jp/JVN%2350495547/index.html
osvdb.org/39394
secunia.com/advisories/27393
www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1
www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2
www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3
www.ipa.go.jp/security/vuln/200710_Ichitaro.html
www.justsystems.com/jp/info/pd7004.html
www.securityfocus.com/bid/26206
www.vupen.com/english/advisories/2007/3623
exchange.xforce.ibmcloud.com/vulnerabilities/38129
exchange.xforce.ibmcloud.com/vulnerabilities/38130
Related
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.303 Low
EPSS
Percentile
97.0%