Notice on potential impact of a heap buffer overflow vulnerability in libwebp (WebP) towards Ricoh products and services
Last updated: 11.00 am on October 17, 2023 (2023-10-16T18:00:00+09:00)
First published: 01:00 pm on September 29, 2023 (2023-09-29T20:00:00+09:00)
| Vulnerability Information ID | ricoh-2023-000003 |
| Version | 1.01E |
| CVE ID (CWE ID) | CVE-2023-4863 (CWE-787), CVE-2023-5217 |
| CVSSv3 score | 8.8 (HIGH) |
Ricoh understands the importance of security and is committed to managing its products and services with the most advanced security technologies possible for its customers worldwide.
Ricoh is aware of the reported "Heap buffer overflow vulnerability in libwebp / libvpx" (CVE-2023-4863 / CVE-2023-5217).
The heap buffer overflow allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page.
These vulnerabilities are known to be triggered by the use of features for viewing or browsing images and videos. Therefore, please do not use RICOH products or services to view content from untrusted sources (URLs or files).
The impact on Ricoh products and services is currently under investigation. Updates on impacted products and services and related countermeasures will be provided promptly on this page as they become available.