PT-2007-6678 · Justsystems · Justsystems Ichitaro+2

Published 2007-10-28 · Updated 2017-07-29 · CVE-2007-5687

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

JustSystems Ichitaro versions 2004 through 2007
JustSystems Ichitaro versions 11 through 13

Description

The issue concerns multiple buffer overflows in the rich text processing functionality. These overflows can be triggered by a long pard field or font name in the fcharset0 field, which is not properly handled in the JSTARO4.OCX component, or by a long title, which is not properly handled by the TJSVDA.DLL component. This can allow remote attackers to execute arbitrary code.

Recommendations

For JustSystems Ichitaro versions 2004 through 2007, consider disabling the rich text processing functionality until a patch is available. For JustSystems Ichitaro versions 11 through 13, restrict access to the JSTARO4.OCX and TJSVDA.DLL components to minimize the risk of exploitation. As a temporary workaround, avoid using long pard fields, font names in the fcharset0 field, and long titles in the affected software until the issue is resolved.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-5687

Affected Products

Jstaro4.Ocx
Justsystems Ichitaro
Tjsvda.Dll