CVE-2017-2791
Summary
| CVE | CVE-2017-2791 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-02-24 22:59:00 UTC |
| Updated | 2022-04-19 19:15:00 UTC |
| Description | JustSystems Ichitaro 2016 Trial contains a vulnerability that exists when trying to open a specially crafted PowerPoint file. Due to the application incorrectly handling the error case for a function's result, the application will use this result in a pointer calculation for reading file data into. Due to this, the application will read data from the file into an invalid address thus corrupting memory. Under the right conditions, this can lead to code execution under the context of the application. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Justsystems | Ichitaro | 2016 | All | All | All |
| Application | Justsystems | Ichitaro | 2016 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Cisco Talos - Talos 2016 0199 | MISC | www.talosintelligence.com | |
| 96440 | BID | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.