Lucene search

PRIOn knowledge basePRION:CVE-2007-5687

HistoryOct 28, 2007 - 5:08 p.m.

Buffer overflow

2007-10-2817:08:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

0.303 Low

EPSS

Percentile

97.0%

JSON

Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.

CPENameOperatorVersion
ichitaroeq2.0.0-lite
ichitaroeq11.0
ichitaroeq2006
ichitaroeq2005
ichitaroeq12.0
ichitaroeq13.0
ichitaroeq2004

Name	Operator	Version
ichitaro	eq	2.0.0-lite
ichitaro	eq	11.0
ichitaro	eq	2006
ichitaro	eq	2005
ichitaro	eq	12.0
ichitaro	eq	13.0
ichitaro	eq	2004

References

jvn.jp/jp/JVN%2329211062/index.html

jvn.jp/jp/JVN%2332981509/index.html

jvn.jp/jp/JVN%2350495547/index.html

osvdb.org/39394

secunia.com/advisories/27393

www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1

www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2

www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3

www.ipa.go.jp/security/vuln/200710_Ichitaro.html

www.justsystems.com/jp/info/pd7004.html

www.securityfocus.com/bid/26206

www.vupen.com/english/advisories/2007/3623

exchange.xforce.ibmcloud.com/vulnerabilities/38129

exchange.xforce.ibmcloud.com/vulnerabilities/38130