{"vulnerability": "CVE-2023-35126", "sightings": [{"uuid": "e5984187-24bb-4c4a-98cd-ae0bd11a3818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35126", "type": "seen", "source": "https://t.me/cibsecurity/72592", "content": "\u203c CVE-2023-35126 \u203c\n\nAn out-of-bounds write vulnerability exists within the parsers for both the \"DocumentViewStyles\" and \"DocumentEditStyles\" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a style record with the type 0x2008. A specially crafted document can cause memory corruption, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T20:34:37.000000Z"}, {"uuid": "2bf22c8e-2f40-48de-9622-393d3cfd5fbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35126", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10206", "content": "#exploit\n1. CVE-2024-2891:\nXbox GamingService Arbitrary Folder Move\nhttps://packetstormsecurity.com/files/177712/Xbox-GamingService-Arbitrary-Folder-Move.html\n\n2. Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word (CVE-2023-35126, CVE-2023-34366, CVE-2023-38127, CVE-2023-38128)\nhttps://blog.talosintelligence.com/exploiting-low-severity-vulnerability-using-a-frame-pointer-overwrite", "creation_timestamp": "2024-03-24T17:54:38.000000Z"}]}