CVE-2023-22660 - Vulnerability Details - OpenCVE

A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overflow, leading to memory corruption, which can result in arbitrary code execution.To trigger this vulnerability, the victim would need to open a malicious, attacker-created document.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable no

Technical Impact total

Vendors	Products
Justsystems	Ichitaro 2022

Configuration 1 [-]

cpe:2.3:a:justsystems:ichitaro_2022:1.0.1.57600:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://jvn.jp/en/jp/JVN79149117/
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1722

History

Mon, 10 Feb 2025 18:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1722

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2023-04-05T15:18:02.497Z

Updated: 2025-02-10T18:05:08.035Z

Reserved: 2023-02-07T16:57:00.264Z

Link: CVE-2023-22660

Vulnrichment

Updated: 2024-08-02T10:13:49.815Z

NVD

Status : Modified

Published: 2023-04-05T16:15:07.983

Modified: 2024-11-21T07:45:09.133

Link: CVE-2023-22660

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-22660", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2023-02-07T16:57:00.264Z", "datePublished": "2023-04-05T15:18:02.497Z", "dateUpdated": "2025-02-10T18:05:08.035Z"}, "containers": {"cna": {"affected": [{"vendor": "Ichitaro", "product": "Ichitaro", "versions": [{"version": "2022 1.0.1.57600", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overflow, leading to memory corruption, which can result in arbitrary code execution.To trigger this vulnerability, the victim would need to open a malicious, attacker-created document."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE", "cweId": "CWE-122"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-04-05T15:18:02.497Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"url": "https://jvn.jp/en/jp/JVN79149117/", "name": "https://jvn.jp/en/jp/JVN79149117/"}], "credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}]}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/jp/JVN79149117/", "name": "https://jvn.jp/en/jp/JVN79149117/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:13:49.815Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-10T18:05:02.820804Z", "id": "CVE-2023-22660", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T18:05:08.035Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "tags": ["x_transferred"]}, {"url": "https://jvn.jp/en/jp/JVN79149117/", "name": "https://jvn.jp/en/jp/JVN79149117/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:13:49.815Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-22660", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-10T18:05:02.820804Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T18:04:01.158Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by a member of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Ichitaro", "product": "Ichitaro", "versions": [{"status": "affected", "version": "2022 1.0.1.57600"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"url": "https://jvn.jp/en/jp/JVN79149117/", "name": "https://jvn.jp/en/jp/JVN79149117/"}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overflow, leading to memory corruption, which can result in arbitrary code execution.To trigger this vulnerability, the victim would need to open a malicious, attacker-created document."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-04-05T15:18:02.497Z"}}}, "cveMetadata": {"cveId": "CVE-2023-22660", "state": "PUBLISHED", "dateUpdated": "2025-02-10T18:05:08.035Z", "dateReserved": "2023-02-07T16:57:00.264Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2023-04-05T15:18:02.497Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:ichitaro_2022:1.0.1.57600:*:*:*:*:*:*:*", "matchCriteriaId": "06455E2A-BB74-437E-85AC-3DAC51ED78F4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow vulnerability exists in the way Ichitaro version 2022 1.0.1.57600 processes certain LayoutBox stream record types. A specially crafted document can cause a buffer overflow, leading to memory corruption, which can result in arbitrary code execution.To trigger this vulnerability, the victim would need to open a malicious, attacker-created document."}], "id": "CVE-2023-22660", "lastModified": "2024-11-21T07:45:09.133", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-05T16:15:07.983", "references": [{"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://jvn.jp/en/jp/JVN79149117/"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://jvn.jp/en/jp/JVN79149117/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1722"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}