Font Size Change

HOMEIT SecurityMeasures for Information Security VulnerabilitiesIPA/ISEC:Vulnerabilities:Security Alert for Vulnerability in Multiple JustSystems Products


IT Security

IPA/ISEC:Vulnerabilities:Security Alert for Vulnerability in Multiple JustSystems Products

Published: May 8, 2012

Information-technology Promotion Agency, Japan (IPA, Chairman Kazumasa Fujie) has issued a security alert concerning security vulnerability in JustSystems products on April 24, 2012. To fix this vulnerability, update the software to the latest version.


Multiple products from JustSystems, such as Japanese word processor 的chitaro� series and email software 鉄huriken�, have buffer overflow vulnerability when reading image files which could allow an attacker to execute arbitrary code on the target system.

Get the fixed version at the following URL and update the software. (Japanese)
For the latest information, refer to the following URL:

IPA and JPCERT Coordination Center (JPCERT/CC) received a report concerning this vulnerability directly from the product vendor on February 15, 2012, and released on April 24.


An attacker could destroy the system or infect it with viruses and bots when a user views malicious document files in web browser or opens malicious image files via email.

Security Alert for Vulnerability in Ichitaro Series


To fix this vulnerability, update the software to the latest version provided by the product vender.

4.CVSS Severity

(1)Evaluation Result

Severity Rating
(CVSS base score)
□ Low
□ High
CVSS base score  

(2) Base Score Metrics

AV:Access Vector □ Local □ Adjacent
■ Network
AC:Access Complexity □ High ■ Medium □ Low
Au:Authentication □ Multiple □ Single ■ None
C:Confidentiality Impact □ None ■ Partial □ Complete
I:Integrity Impact □ None ■ Partial □ Complete
A:Availability Impact □ None ■ Partial □ Complete

■:Selected Values

5.CWE Type

This vulnerability has been CWE classified as "Numeric Errors (CWE-189)"


IT Security Center,
Information-technology Promotion Agency, Japan (ISEC/IPA)