JVN#50495547 Ichitaro series buffer overflow vulnerability

Overview

The "Ichitaro" series word processing software contains a buffer overflow vulnerability. This vulnerability is different from JVN#29211062 and JVN#32981509.

Products Affected

Ichitaro Viewer
Ichitaro 11
Ichitaro 12
Ichitaro 13
Ichitaro 2004
Ichitaro 2005
Ichitaro Bungei
Ichitaro 2006
Ichitaro Government 2006
Ichitaro 2007
Ichitaro Government 2007
Ichitaro 2007 trial version
Ichitaro Lite2
Ichitaro for Linux

Description

The "Ichitaro" series word processing software, from JustSystems Corporation, contains a buffer overflow vulnerability. If a user opens a specially crafted jtd file or views it on a web browser, an attacker could execute arbitrary code with the privileges of the user.

Impact

An attacker could execute arbitrary code with the privileges of the user who opened the specially crafted jtd file.

Solution

Update the Software
Apply the update module provided by JustSystems.

Vendor Status

Vendor	Link
JustSystems Corporation	http://www.justsystems.com/jp/info/pd7004.html

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Analyzed on 2007.10.25

Measures	Conditions	Severity
Access Required	Routed - can be attacked over the Internet using packets	High
Authentication	None - anonymous or no authentication (IP addresses do not count)	High
User Interaction Required	Simple - the user must be convinced to take a standard action that does not feel harmful to most users, such as click on a link or view a file	Medium
Exploit Complexity	Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls)	Medium-High

Description of each analysis measures

Credit

Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE
JVN iPedia	JVNDB-2007-000878