{"vulnerability": "cve-2023-34366", "sightings": [{"uuid": "c674495f-e827-4980-8f92-1a7acf25da12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34366", "type": "seen", "source": "https://t.me/cibsecurity/72611", "content": "\u203c CVE-2023-34366 \u203c\n\nA use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code execution. Victim would need to open a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T22:34:53.000000Z"}, {"uuid": "6ff5c003-cc09-479f-8166-ae2cab311b97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34366", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10206", "content": "#exploit\n1. CVE-2024-2891:\nXbox GamingService Arbitrary Folder Move\nhttps://packetstormsecurity.com/files/177712/Xbox-GamingService-Arbitrary-Folder-Move.html\n\n2. Dissecting a complex vulnerability and achieving arbitrary code execution in Ichitaro Word (CVE-2023-35126, CVE-2023-34366, CVE-2023-38127, CVE-2023-38128)\nhttps://blog.talosintelligence.com/exploiting-low-severity-vulnerability-using-a-frame-pointer-overwrite", "creation_timestamp": "2024-03-24T17:54:38.000000Z"}]}