← back
CVE-2007-5687

CVE-2007-5687

EPSS 5.7%
Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://jvn.jp/jp/JVN%2329211062/index.htmlhttp://jvn.jp/jp/JVN%2332981509/index.htmlhttp://jvn.jp/jp/JVN%2350495547/index.htmlhttp://osvdb.org/39394http://secunia.com/advisories/27393https://exchange.xforce.ibmcloud.com/vulnerabilities/38129https://exchange.xforce.ibmcloud.com/vulnerabilities/38130http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3http://www.ipa.go.jp/security/vuln/200710_Ichitaro.htmlhttp://www.justsystems.com/jp/info/pd7004.html