Intrusion Prevention

Ichitaro.Office.Excel.File.Workbook.Stream.Heap.Overflow

Description

This indicates an attack attempt to exploit a Heap Overflow vulnerability in JustSystems Ichitaro Office.
The vulnerability is due to an error when the vulnerable software handles an Excel file with a malformed 0x3c record. An attacker can exploit this to execute arbitrary code within the context of the logged in user via a crafted XLS file.

Affected Products

JustSystems Ichitaro

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

CVE References

CVE-2017-2790