These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2017-2791 is a high-severity memory-corruption issue in JustSystems Ichitaro 2016 Trial that can be triggered when the application opens a specially crafted PowerPoint file. According to the NVD summary, the bug comes from incorrect handling of an error return, which is then used in a pointer calculation while reading file data. That can cause the application to read into an invalid address, corrupt m [truncated]
CVE-2017-2790 is a high-severity memory corruption issue in JustSystems Ichitaro Office's handling of Excel .xls Workbook stream data. The vulnerability is triggered when the application processes record type 0x3c and incorrectly trusts the record size, subtracts one from the length, and then uses that derived value as the size argument to memcpy. That logic can produce a heap-based buffer overflow and ma [truncated]
CVE-2017-2789 is a high-severity memory corruption issue in JustSystems Ichitaro Office 2016 Trial. When the application copies file data from a document, it compares two calculated lengths and, if both exceed the destination buffer size, selects the smaller value to control the copy. Because that chosen value is still larger than the buffer, the copy can overflow heap memory, corrupt internal data, and p [truncated]