January 17, 2008
Information-technology Promotion Agency, Japan (IPA, Chairman Buheita Fujiwara) has issued the Security Alert for Vulnerability in Multiple JustSystems Products on January 7, 2008.
This vulnerability allows an attacker to execute arbitrary code when a user of some JustSystems products, for example, Ichitaro, opens a specially crafted file obtained via web browsers or emails.
When exploited, an attacker could crash the user’s system or infect it with viruses or bots.
The solution and workaround vary depending on the affected product. For details, see the information provided by JustSystems and take appropriate action.
JustSystems Corporation is a provider of multiple domestic software popular in Japan.
Multiple JustSystems products, such as the Ichitaro series (Japanese word processor), Hanako (graphic software) and Sanshiro (spreadsheet), have a buffer overflow(*1) vulnerability which allows an attacker to execute arbitrary code when the target system processes a document file.
For information on the affected products, please refer to: http://www.justsystems.com/jp/info/pd8001.html (in Japanese)
This vulnerability is different from the Security Alert issued on October 25, 2007.
For the latest information on the vulnerability, please refer to: http://jvndb.jvn.jp/contents/en/2008/JVNDB-2008-000001.html
The following creditee reported this vulnerability to IPA on December 17, 2007. JPCERT Coordination Center (JPCERT/CC) coordinated with the product vendors and published the vulnerability on January 7, 2008, under Information Security Early Warning Partnership.
Credit: Yuji Ukai of Fourteenforty Research Institute, Inc.
An attacker could crash a user’s system or infect it with viruses or bots when the user views a specially crafted document obtained via web browsers or emails.
This may result in the attacker gaining control over the user’s computer.
Depending on the web browser, just accessing a file (URL) may be enough to get infected rather than explicitly opening the file after downloading it.
The solution and workaround vary depending on the affected product. Check out at the following URL and take appropriate action. http://www.justsystems.com/jp/info/pd8001.html (in Japanese)
(CVSS base score)
|CVSS base score||6.8|
|AV:Access Vector||□ Local||□ Adjacent
|AC:Access Complexity||□ High||■ Medium||□ Low|
|Au:Authentication||□ Multiple||□ Single||■ None|
|C:Confidentiality Impact||□ None||■ Partial||□ Complete|
|I:Integrity Impact||□ None||■ Partial||□ Complete|
|A:Availability Impact||□ None||■ Partial||□ Complete|
(*1) For more information on buffer overflow, please refer to
http://www.ipa.go.jp/security/awareness/vendor/programmingv2/cc10.html (in Japanese)
IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)