CVE-2007-5687
JustSystems Ichitaro 2004-2007, 11-13 - Buffer Overflow via Rich Text Processing
Title source: llmDescription
Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 field, which is not properly handled in (a) JSTARO4.OCX; or (3) a long title, which is not properly handled by (b) TJSVDA.DLL.
References (14)
Core 14
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38130
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/26206
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/27393
Various Sources x_refsource_misc
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-2
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/jp/JVN%2350495547/index.html
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/jp/JVN%2329211062/index.html
Various Sources x_refsource_misc
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-3
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39394
Patch x_refsource_confirm
http://www.justsystems.com/jp/info/pd7004.html
Various Sources x_refsource_misc
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20071025-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38129
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3623
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/jp/JVN%2332981509/index.html
Various Sources x_refsource_misc
http://www.ipa.go.jp/security/vuln/200710_Ichitaro.html
Scores
EPSS
0.0574
EPSS Percentile
92.2%
Details
CWE
CWE-119
Status
published
Products (8)
justsystem/ichitaro
11.0
justsystem/ichitaro
12.0
justsystem/ichitaro
13.0
justsystem/ichitaro
2004
justsystem/ichitaro
2005
justsystem/ichitaro
2006
justsystem/ichitaro
linux
justsystem/ichitaro
lite2
Published
Oct 28, 2007
Tracked Since
Feb 18, 2026