GCVE - cpe:2.3:a:justsystems:ichitaro_government_8:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:justsystems:ichitaro_government_8:-:*:*:*:*:*:*:*

part: a version: - update: *

Vendor	Justsystems (`1b413bc6-6844-5405-901d-fb3124cbfe42`)
Product	Ichitaro Government 8 (`eea58691-3c87-52bb-abef-f48ac263c100`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-38128`	vulnerable	2026-06-03 14:52:30.348747	Details available HIGH (7.8) An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause a type confusion, which can lead to memory corruption and eventually arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Published: 2023-10-19T17:00:42.797Z Updated: 2025-02-13T17:01:45.749Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2023-1809 https://jvn.jp/en/jp/JVN28846531/index.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1809	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-38127`	vulnerable	2026-06-03 14:52:30.341617	Details available HIGH (7.8) An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later allow for memory corruption, potentially resulting in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Published: 2023-10-19T17:00:43.288Z Updated: 2025-11-04T19:17:16.966Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2023-1808 https://jvn.jp/en/jp/JVN28846531/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-35126`	vulnerable	2026-06-03 14:52:17.809126	Details available HIGH (7.8) An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Published: 2023-10-19T16:02:29.998Z Updated: 2025-02-13T16:55:47.722Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2023-1825 https://jvn.jp/en/jp/JVN28846531/index.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1825	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-34366`	vulnerable	2026-06-03 14:52:16.553387	Details available HIGH (7.8) A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code execution. Victim would need to open a malicious file to trigger this vulnerability. Published: 2023-10-19T17:00:43.773Z Updated: 2025-11-04T19:16:47.534Z Open on db.gcve.eu Reference links https://talosintelligence.com/vulnerability_reports/TALOS-2023-1758 https://jvn.jp/en/jp/JVN28846531/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-36344`	vulnerable	2026-06-03 14:47:39.980633	Details available An unquoted search path vulnerability exists in 'JustSystems JUST Online Update for J-License' bundled with multiple products for corporate users as in Ichitaro through Pro5 and others. Since the affected product starts another program with an unquoted file path, a malicious file may be executed with the privilege of the Windows service if it is placed in a certain path. Affected products are bundled with the following product series: Office and Office Integrated Software, ATOK, Hanako, JUST PDF, Shuriken, Homepage Builder, JUST School, JUST Smile Class, JUST Smile, JUST Frontier, JUST Jump, and Tri-De DetaProtect. Published: 2022-08-16T07:03:05.000Z Updated: 2024-08-03T10:00:04.308Z Open on db.gcve.eu Reference links https://www.justsystems.com/jp/corporate/info/js22001.html https://jvn.jp/en/jp/JVN57073973/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-10870`	vulnerable	2026-06-03 14:36:27.276640	Details available Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for Ichitaro (Ichitaro 2017, Ichitaro 2016, Ichitaro 2015, Ichitaro Pro3, Ichitaro Pro2, Ichitaro Pro, Ichitaro 2011, Ichitaro Government 8, Ichitaro Government 7, Ichitaro Government 6 and Ichitaro 2017 Trial version) allows attackers to execute arbitrary code with privileges of the application via specially crafted file. Published: 2017-11-02T15:00:00.000Z Updated: 2024-08-05T17:50:12.579Z Open on db.gcve.eu Reference links https://jvn.jp/en/vu/JVNVU93703434/index.html https://www.justsystems.com/jp/info/js17003.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.