CVE-2023-38127

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 19, 2023

Updated: Oct 25, 2023

CWE ID 190

Summary

CVE-2023-38127 is a vulnerability affecting Ichitaro 2023 1.0.1.59372. The issue lies in the "HyperLinkFrame" stream parser where an integer overflow occurs. A maliciously crafted document can cause the parser to make an under-sized allocation, leading to memory corruption. This corruption may result in arbitrary code execution, allowing an attacker to potentially gain control of the affected system by providing a specially crafted file.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

JustSystems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sByuuW
https://www.cve.org/CVERecord?id=CVE-2023-38127
https://nvd.nist.gov/vuln/detail/CVE-2023-38127

Back to Vulnerability Database

CVE-2023-38127

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations