PatchSiren cyber security CVE debrief
CVE-2017-2791 Justsystems CVE debrief
CVE-2017-2791 is a high-severity memory-corruption issue in JustSystems Ichitaro 2016 Trial that can be triggered when the application opens a specially crafted PowerPoint file. According to the NVD summary, the bug comes from incorrect handling of an error return, which is then used in a pointer calculation while reading file data. That can cause the application to read into an invalid address, corrupt memory, and, under the right conditions, lead to code execution in the application context.
- Vendor: Justsystems
- Product: CVE-2017-2791
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-24
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-24
- Advisory updated: 2026-05-13
Who should care
Administrators and users of JustSystems Ichitaro 2016 Trial, especially in environments where documents from untrusted or external sources are opened. Security teams responsible for document handling controls, endpoint protection, and software inventory should also review exposure.
Technical summary
NVD maps this issue to CPE cpe:2.3:a:justsystems:ichitaro:2016:*:*:*:trial:*:*:* and CWE-119. The CVSS v3.0 vector is AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, reflecting that user interaction is required and exploitation is considered higher complexity, but successful impact can be severe. The vulnerability is described as a parsing flaw involving a specially crafted PowerPoint file and improper use of a failed function result in pointer arithmetic, leading to memory corruption.
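The bug class named in the summary, a failed function result that flows unchecked into pointer arithmetic, is shown below as an added C illustration with the corrected form beside it. This is constructed example code, not Ichitaro's parser and not code from the NVD record or the Talos advisory; the table layout, `SAMPLE_TABLE`, and the functions `find_entry`, `read_entry_unchecked` and `read_entry_checked` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum { ENTRY_SIZE = 4 };  /* hypothetical layout: [1-byte id][3 data bytes] */

/* Constructed sample table with two entries, ids 0x10 and 0x20. */
const uint8_t SAMPLE_TABLE[8] = {0x10, 1, 2, 3, 0x20, 4, 5, 6};

/* Returns the index of the entry with this id, or -1 when it is absent. */
ptrdiff_t find_entry(const uint8_t *tbl, size_t len, uint8_t id)
{
    size_t count = len / ENTRY_SIZE;
    for (size_t i = 0; i < count; i++)
        if (tbl[i * ENTRY_SIZE] == id)
            return (ptrdiff_t)i;
    return -1;
}

/* BEFORE (never called here): the -1 error value goes straight into the
 * pointer calculation, so a file lacking the entry yields src = tbl - 4
 * and the copy reads memory outside the buffer. */
void read_entry_unchecked(const uint8_t *tbl, size_t len, uint8_t id,
                          uint8_t out[3])
{
    ptrdiff_t idx = find_entry(tbl, len, id);
    const uint8_t *src = tbl + idx * ENTRY_SIZE;
    memcpy(out, src + 1, 3);
}

/* AFTER: the error return is handled before any address is derived. */
int read_entry_checked(const uint8_t *tbl, size_t len, uint8_t id,
                       uint8_t out[3])
{
    ptrdiff_t idx = find_entry(tbl, len, id);
    if (idx < 0)
        return -1;            /* propagate the failure, touch nothing */
    memcpy(out, tbl + (size_t)idx * ENTRY_SIZE + 1, 3);
    return 0;
}

int main(void)
{
    uint8_t out[3];
    /* Missing id 0x30 must be rejected; exit status 0 means it was. */
    return read_entry_checked(SAMPLE_TABLE, sizeof SAMPLE_TABLE, 0x30, out) == -1 ? 0 : 1;
}
```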
Defensive priority
High for any environment that uses the affected trial version and opens untrusted presentation files. Even though user interaction is required, the potential impact includes full compromise of the application context.
Recommended defensive actions
- Confirm whether JustSystems Ichitaro 2016 Trial is installed and treat it as affected if present.
- Apply any vendor- or maintainer-recommended update or mitigation referenced by the official vulnerability record and Talos advisory.
- Restrict opening PowerPoint files from untrusted sources in the affected application until remediation is in place.
- Use email, gateway, and endpoint controls to scan or sandbox incoming presentation files before users open them.
- Reduce the impact of document-borne attacks by running users with the least privilege practical for their role.
- Monitor for crashes or abnormal behavior when opening presentation files, and treat repeated failures as potential security events.
Evidence notes
The description and impact summary come from the supplied NVD record for CVE-2017-2791. NVD lists the affected product as JustSystems Ichitaro 2016 Trial, identifies CWE-119, and provides the CVSS v3.0 vector AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. NVD also cites a Talos advisory (TALOS-2016-0199) and SecurityFocus BID 96440 as references.
Official resources
Originally published by the CVE/NVD record on 2017-02-24T22:59:00.213Z. The supplied NVD record was last modified on 2026-05-13T00:24:29.033Z.