Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-35126: Multiple vulnerabilities in JustSystems products

An out-of-bounds write vulnerability exists within the parsers for both the “DocumentViewStyles” and “DocumentEditStyles” streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE
#vulnerability#cisco#intel

Published:2023/10/19 Last Updated:2023/10/19

Overview

Multiple products provided by JustSystems Corporation contain multiple vulnerabilities.

Products Affected

  • Ichitaro series
  • Rakuraku Hagaki series
  • JUST Office series
  • JUST Government series
  • JUST Police series

A wide range of products is affected. For the details, refer to the information provided by the developer.

Description

Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.

  • Use after free (CWE-416) - CVE-2023-34366

    CVSS v3

    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

    Base Score: 3.3

    CVSS v2

    AV:L/AC:M/Au:N/C:N/I:N/A:P

    Base Score: 1.9

  • Integer overflow (CWE-190) - CVE-2023-38127

    CVSS v3

    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

    Base Score: 3.3

    CVSS v2

    AV:L/AC:M/Au:N/C:N/I:N/A:P

    Base Score: 1.9

  • Access of resource using incompatible type (Type confusion) (CWE-843) - CVE-2023-38128

    CVSS v3

    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

    Base Score: 3.3

    CVSS v2

    AV:L/AC:M/Au:N/C:N/I:N/A:P

    Base Score: 1.9

  • Improper validation of array index (CWE-129) - CVE-2023-35126

    CVSS v3

    CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

    Base Score: 3.3

    CVSS v2

    AV:L/AC:M/Au:N/C:N/I:N/A:P

    Base Score: 1.9

Impact

Processing a specially crafted file may lead to the product’s abnormal termination.

Solution

Apply the Patch
Apply the patch according to the information provided by the developer.
For more information, refer to the information provided by the developer.

Vendor Status

References

JPCERT/CC Addendum

The reporter states that arbitrary code execution is possible.
On the other hand, the developer states that impact of the vulnerabilities is abnormal termination only, as arbitrary code exaction has not been proven. From these, on this advisory the impact is described as abnormal termination only.

Vulnerability Analysis by JPCERT/CC

Credit

Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solution through JVN.

Other Information

Related news

Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word

Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.

9 vulnerabilities found in VPN software, including 1 critical issue that could lead to remote code execution

Attackers could exploit these vulnerabilities in the SoftEther VPN solution for individual and enterprise users to force users to drop their connections or execute arbitrary code on the targeted machine.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907