CVE-2023-38128

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 19, 2023

Updated: Oct 25, 2023

CWE ID 787

CWE ID 843

Summary

CVE-2023-38128 is a critical vulnerability affecting Ichitaro 2023 1.0.1.59372. The issue lies in the "HyperLinkFrame" stream parser, where an out-of-bounds write occurs due to a type confusion. A maliciously crafted document can exploit this vulnerability, resulting in memory corruption. Ultimately, an attacker can leverage this memory corruption to execute arbitrary code.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

JustSystems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sB0ST9
https://www.cve.org/CVERecord?id=CVE-2023-38128
https://nvd.nist.gov/vuln/detail/CVE-2023-38128

Back to Vulnerability Database

CVE-2023-38128

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations