{"vulnerability": "CVE-2023-38128", "sightings": [{"uuid": "4c5601c2-d32d-44f7-8795-278adef83b34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38128", "type": "seen", "source": "https://t.me/cibsecurity/72600", "content": "\u203c CVE-2023-38128 \u203c\n\nAn out-of-bounds write vulnerability exists in the \"HyperLinkFrame\" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause a type confusion, which can lead to memory corruption and eventually arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T22:34:40.000000Z"}, {"uuid": "73a5e5b4-58cf-4c83-9354-575b9361f9f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38128", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10206", "content": "#exploit\n1. CVE-2024-2891:\nXbox GamingService Arbitrary Folder Move\nhttps://packetstormsecurity.com/files/177712/Xbox-GamingService-Arbitrary-Folder-Move.html\n\n2. Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word (CVE-2023-35126, CVE-2023-34366, CVE-2023-38127, CVE-2023-38128)\nhttps://blog.talosintelligence.com/exploiting-low-severity-vulnerability-using-a-frame-pointer-overwrite", "creation_timestamp": "2024-03-24T17:54:38.000000Z"}]}