CVE-2009-4737

Stack-based buffer overflow in JustSystems Corporation Ichitaro 13, 2004 through 2009, Viewer 2009 19.0.1.0 and earlier, and other versions allows context-dependent attackers to execute arbitrary code via a crafted Rich Text File (RTF), related to "pvpara ffooter."

Published: Apr 7, 2010
Updated: Apr 13, 2023
CVE: CVE-2009-4737
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
justsystems / ichitaro_viewer	20.0.2.0	20.0.2.0.x
justsystems / ichitaro	2009	2009.x
justsystems / ichitaro	13	13.x
justsystems / ichitaro	2006	2006.x
justsystems / ichitaro	bungei	bungei.x
justsystems / ichitaro	2008	2008.x
justsystems / ichitaro	2005	2005.x
justsystems / ichitaro	2007	2007.x
justsystems / ichitaro_viewer	19.0.1.0	19.0.1.0.x
justsystems / ichitaro	2004	2004.x

http://jvn.jp/en/jp/JVN33846134/index.html
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000018.html
http://secunia.com/advisories/34611
http://www.fourteenforty.jp/research/advisory.cgi?FFRRA-20090407
http://www.ipa.go.jp/security/vuln/documents/2009/200904_ichitaro.html
http://www.justsystems.com/jp/info/js09002.html
http://www.osvdb.org/53349
http://www.securityfocus.com/bid/34403
http://www.vupen.com/english/advisories/2009/0957
https://exchange.xforce.ibmcloud.com/vulnerabilities/49739

Vulnerability Database

289,697

CVE-2009-4737