Headline
CVE-2023-35126: Multiple vulnerabilities in JustSystems products
An out-of-bounds write vulnerability exists within the parsers for both the “DocumentViewStyles” and “DocumentEditStyles” streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
Published:2023/10/19 Last Updated:2023/10/19
Overview
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities.
Products Affected
- Ichitaro series
- Rakuraku Hagaki series
- JUST Office series
- JUST Government series
- JUST Police series
A wide range of products is affected. For the details, refer to the information provided by the developer.
Description
Multiple products provided by JustSystems Corporation contain multiple vulnerabilities listed below.
Use after free (CWE-416) - CVE-2023-34366
CVSS v3
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Base Score: 3.3
CVSS v2
AV:L/AC:M/Au:N/C:N/I:N/A:P
Base Score: 1.9
Integer overflow (CWE-190) - CVE-2023-38127
CVSS v3
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Base Score: 3.3
CVSS v2
AV:L/AC:M/Au:N/C:N/I:N/A:P
Base Score: 1.9
Access of resource using incompatible type (Type confusion) (CWE-843) - CVE-2023-38128
CVSS v3
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Base Score: 3.3
CVSS v2
AV:L/AC:M/Au:N/C:N/I:N/A:P
Base Score: 1.9
Improper validation of array index (CWE-129) - CVE-2023-35126
CVSS v3
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Base Score: 3.3
CVSS v2
AV:L/AC:M/Au:N/C:N/I:N/A:P
Base Score: 1.9
Impact
Processing a specially crafted file may lead to the product’s abnormal termination.
Solution
Apply the Patch
Apply the patch according to the information provided by the developer.
For more information, refer to the information provided by the developer.
Vendor Status
References
JPCERT/CC Addendum
The reporter states that arbitrary code execution is possible.
On the other hand, the developer states that impact of the vulnerabilities is abnormal termination only, as arbitrary code exaction has not been proven. From these, on this advisory the impact is described as abnormal termination only.
Vulnerability Analysis by JPCERT/CC
Credit
Cisco Talos Security Intelligence & Research Group reported these vulnerabilities to JustSystems Corporation and coordinated. JustSystems Corporation and JPCERT/CC published respective advisories in order to notify users of the solution through JVN.
Other Information
Related news
Research conducted by Cisco Talos last year uncovered multiple vulnerabilities rated as low severity despite their ability to allow for full arbitrary code execution.
Attackers could exploit these vulnerabilities in the SoftEther VPN solution for individual and enterprise users to force users to drop their connections or execute arbitrary code on the targeted machine.