CVE-2007-5687 Information

Description

Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.

Reference

http://jvn.jp/jp/JVN2329211062/index.html
http://jvn.jp/jp/JVN2332981509/index.html
http://jvn.jp/jp/JVN2350495547/index.html
http://osvdb.org/39394
http://secunia.com/advisories/27393
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3
http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html
http://www.justsystems.com/jp/info/pd7004.html
http://www.securityfocus.com/bid/26206
http://www.vupen.com/english/advisories/2007/3623
https://exchange.xforce.ibmcloud.com/vulnerabilities/38129
https://exchange.xforce.ibmcloud.com/vulnerabilities/38130
