PT-2010-1547 · Justsystems · Ichitaro Viewer+1

Yuji Ukai

Published

2010-04-06

Updated

2017-08-17

CVE-2009-4737

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions JustSystems Corporation Ichitaro versions 13, 2004 through 2009 JustSystems Corporation Ichitaro Viewer 2009 version 19.0.1.0 and earlier

Description The issue allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."

Recommendations For JustSystems Corporation Ichitaro versions 13, 2004 through 2009, avoid using the software to open crafted Rich Text Files until a fix is available. For JustSystems Corporation Ichitaro Viewer 2009 version 19.0.1.0 and earlier, consider restricting the use of the viewer for RTF files until the issue is resolved.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2009-4737

Affected Products

Ichitaro

Ichitaro Viewer

PT-2010-1547 · Justsystems · Ichitaro Viewer+1

CVE-2009-4737

Weakness Enumeration

Related Identifiers

Affected Products

References · 11