IPA/ISEC:Vulnerabilities:Security Alert for Vulnerability in Multiple JustSystems Products

January 17, 2008

Information-technology Promotion Agency, Japan (IPA, Chairman Buheita Fujiwara) issued the Security Alert for Vulnerability in Multiple JustSystems Products on January 7, 2008.
This vulnerability allows an attacker to execute arbitrary code when a user of some JustSystems products, for example, Ichitaro, opens a specially crafted file obtained via web browsers or emails.
If exploited, the vulnerability could let an attacker crash the user's system or infect it with viruses or bots.
The solution and workaround vary depending on the affected product. For details, see the information provided by JustSystems and take appropriate action.

1.Overview

JustSystems Corporation provides several domestic software products that are popular in Japan.
Multiple JustSystems products, such as the Ichitaro series (Japanese word processor), Hanako (graphic software) and Sanshiro (spreadsheet), have a buffer overflow (*1) vulnerability which allows an attacker to execute arbitrary code when the target system processes a document file.

For information on the affected products, please refer to: http://www.justsystems.com/jp/info/pd8001.html (in Japanese)

This vulnerability is different from the one covered by the Security Alert issued on October 25, 2007.

For the latest information on the vulnerability, please refer to: http://jvndb.jvn.jp/contents/en/2008/JVNDB-2008-000001.html

The person credited below reported this vulnerability to IPA on December 17, 2007. JPCERT Coordination Center (JPCERT/CC) coordinated with the product vendors and published the vulnerability on January 7, 2008, under the Information Security Early Warning Partnership.
Credit: Yuji Ukai of Fourteenforty Research Institute, Inc.

2.Impact

An attacker could crash a user’s system or infect it with viruses or bots when the user views a specially crafted document obtained via web browsers or emails.

This may result in the attacker gaining control over the user’s computer.

Depending on the web browser, simply accessing the file (URL) may be enough to cause infection, without the user explicitly opening the file after downloading it.

3.Solution

The solution and workaround vary depending on the affected product. Check the following URL and take appropriate action: http://www.justsystems.com/jp/info/pd8001.html (in Japanese)

4.CVSS Severity

(1)Evaluation Result

Severity Rating (CVSS base score): □ Low (0.0~3.9) ■ Medium (4.0~6.9) □ High (7.0~10.0)
CVSS base score: 6.8

(2) Base Score Metrics

AV:Access Vector □ Local □ Adjacent Network ■ Network
AC:Access Complexity □ High ■ Medium □ Low
Au:Authentication □ Multiple □ Single ■ None
C:Confidentiality Impact □ None ■ Partial □ Complete
I:Integrity Impact □ None ■ Partial □ Complete
A:Availability Impact □ None ■ Partial □ Complete

■:Selected Values

Footnote

(*1) For more information on buffer overflow, please refer to
http://www.ipa.go.jp/security/awareness/vendor/programmingv2/cc10.html (in Japanese)

Contact

IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)
E-mail: