CVE-2023-38127

Name of the Vulnerable Software and Affected Versions Ichitaro 2023 version 1.0.1.59372

Description An integer overflow exists in the HyperLinkFrame stream parser. A specially crafted document can cause the parser to make an under-sized allocation, which can later allow for memory corruption, potentially resulting in arbitrary code execution. An attacker can provide a malicious file to trigger this issue.

Recommendations For Ichitaro 2023 version 1.0.1.59372, consider avoiding the use of the HyperLinkFrame stream parser until a patch is available. As a temporary workaround, restrict the opening of documents from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.