CVE-2023-35126

{"id": "CVE-2023-35126", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-10-19T17:15:10.000", "references": [{"url": "https://jvn.jp/en/jp/JVN28846531/index.html", "tags": ["Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1825", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1825", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-129"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds write vulnerability exists within the parsers for both the \"DocumentViewStyles\" and \"DocumentEditStyles\" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de escritura fuera de l\u00edmites dentro de los analizadores para las secuencias \"DocumentViewStyles\" y \"DocumentEditStyles\" de Ichitaro 2023 1.0.1.59372 al procesar los tipos 0x0000-0x0009 de un registro de estilo con el tipo 0x2008. Un documento especialmente manipulado puede provocar da\u00f1os en la memoria, lo que puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede proporcionar un archivo malicioso para desencadenar esta vulnerabilidad."}], "lastModified": "2023-10-25T14:48:30.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:easy_postcard_max:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D68E98B0-38CA-4148-825D-CF7C8AABB5BE"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_2021:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1755383C-2B74-4DD7-9C9B-DB19C12CA94D"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_2022:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1274E0AB-BDE0-45FB-B3A2-522E3AE4E41A"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_2023:1.0.1.59372:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15B1DC82-380D-4CF4-AF35-4AF2A1CBF778"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_government_10:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A1C403A-6787-4347-AF6F-69F225944011"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_government_8:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E401B098-6551-4101-9906-19C2AB7A5504"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_government_9:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65A56D02-7438-4319-BFD1-64FB11BC758C"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_3:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36AE4633-5418-4009-B51D-4A1F542B1A88"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21A4F85C-EA95-4853-9A8C-C3C9142243A8"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro_pro_5:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76FAE0E6-1037-45AC-A277-8F32338A50AD"}, {"criteria": "cpe:2.3:a:justsystems:just_government_3:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "552D41EF-A5DB-4ED0-B404-FF2649969B11"}, {"criteria": "cpe:2.3:a:justsystems:just_government_4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F61D3C1-0011-4D78-83F8-2349D46AFE59"}, {"criteria": "cpe:2.3:a:justsystems:just_government_5:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC99A5A2-32B0-4F38-A2B1-FAC50A05FBEF"}, {"criteria": "cpe:2.3:a:justsystems:just_office_3:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7814DB96-4078-47B8-93B2-5066029B6F65"}, {"criteria": "cpe:2.3:a:justsystems:just_office_4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D8E2A1A-7C06-491F-8A28-BE70EFCDDFFF"}, {"criteria": "cpe:2.3:a:justsystems:just_office_5:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD6F3523-7059-4591-9D04-97D287128D6E"}, {"criteria": "cpe:2.3:a:justsystems:just_police_3:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5ED46089-ED5B-4314-B079-A8932377475E"}, {"criteria": "cpe:2.3:a:justsystems:just_police_4:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3B6B97E-B202-4B1F-9B81-367CB7172DEB"}, {"criteria": "cpe:2.3:a:justsystems:just_police_5:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B5D80C5-5821-416E-A3E3-ADC7F221B093"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}