Lucene search
+L
JustsystemsJust Office 5

5 matches found

CVE
CVE
added 2022/08/16 7:3 a.m.78 views

CVE-2022-36344

CVE-2022-36344 describes an unquoted search path vulnerability in JustSystems JUST Online Update for J-License, bundled with various corporate products (Ichitaro through Pro5 and others). The root cause is an unquoted file path used to start a secondary program from the Windows service, enabling ...

9.8CVSS9.5AI score0.00737EPSS
CVE
CVE
added 2023/10/19 5:0 p.m.54 views

CVE-2023-34366

CVE-2023-34366 affects Ichitaro 2023 Word Processor (JustSystems). Cisco Talos documents a use-after-free in the Figure stream parsing for the DocumentViewStyles/DocumentEditStyles streams, leading to memory corruption and potential arbitrary code execution when a malicious file is opened. Techni...

7.8CVSS8AI score0.00643EPSS
CVE
CVE
added 2023/10/19 4:2 p.m.54 views

CVE-2023-35126

CVE-2023-35126 affects JustSystems Ichitaro 2023 where the vulnerability resides in the parsing of the DocumentViewStyles and DocumentEditStyles streams (record type 0x2008). The root cause is an out-of-bounds index into a 6-element lv_objects array used during readStyleType(2008), which enables ...

7.8CVSS8AI score0.00484EPSS
CVE
CVE
added 2023/10/19 5:0 p.m.50 views

CVE-2023-38127

CVE-2023-38127 : An integer overflow in Ichitaro 2023 (version 1.0.1.59372) HyperLinkFrame stream parsing can cause an under-sized allocation, enabling memory corruption and potential arbitrary code execution via a crafted document. The vulnerability is exposed during parsing of the DocumentViewS...

7.8CVSS8.1AI score0.00647EPSS
CVE
CVE
added 2023/10/19 5:0 p.m.46 views

CVE-2023-38128

CVE-2023-38128 : In Ichitaro 2023 (version 1.0.1.59372), a vulnerability exists in the HyperLinkFrame stream parser that allows an out-of-bounds write, causing a type confusion, memory corruption, and potential arbitrary code execution. Cisco Talos details a chain where an input document’s 0x2008...

7.8CVSS8.2AI score0.00678EPSS