HIGH🇬🇧 English

CVE-2023-34366

CVSS 7.8v3.1pub. 2023-10-19upd. 2025-11-04

A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code execution. Victim would need to open a malicious file to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Justsystems Easy Postcard Max

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2021

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2022

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro 2023

    APP
    Justsystems
    1.0.1.59372
  • Justsystems Ichitaro Government 10

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Government 8

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Government 9

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Ichitaro Pro 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Government 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Office 5

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 3

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 4

    APP
    Justsystems
    wszystkie wersje
  • Justsystems Just Police 5

    APP
    Justsystems
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2022-36344CRITICAL9.8ten sam produkt

An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with mu...

CVE-2023-38128HIGH7.8ten sam produkt

An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372...

CVE-2023-35126HIGH7.8ten sam produkt

An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "Document...

CVE-2023-38127HIGH7.8ten sam produkt

An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially cra...

CVE-2023-22291HIGH7.0ten sam produkt

An invalid free vulnerability exists in the Frame stream parser functionality of Ichitaro 2022 1.0.1.57600. A ...