CVE-2023-22660

Name of the Vulnerable Software and Affected Versions Ichitaro version 2022 1.0.1.57600

Description A heap-based buffer overflow issue exists in the way Ichitaro processes certain LayoutBox stream record types. This can be triggered by a specially crafted document, causing a buffer overflow, leading to memory corruption, and potentially resulting in arbitrary code execution. The victim would need to open a malicious document to trigger this issue.

Recommendations For Ichitaro version 2022 1.0.1.57600, consider avoiding the use of LayoutBox stream record types until a patch is available. As a temporary workaround, restrict the opening of documents from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.