Fortinet Discovers JustSystem Ichitaro Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a Memory Corruption vulnerability in JustSystems Ichitaro Office.
Ichitaro is a Japanese word processor produced by JustSystems. Ichitaro occupies the second share in Japanese word-processing software, behind Microsoft Word. It is one of the main products of the company.
The Memory Corruption vulnerability is due to an error when the vulnerable software handles a malformed JYT file. An attacker can exploit this vulnerability to execute arbitrary code within the context of the logged in user via a crafted JYT file.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Oct 24, 2017
Users should apply the solution provided by Justsystem.
Fortinet reported the vulnerability to Justsystem on August 16, 2017.
Justsystem patched the vulnerability on October 24, 2017.
This vulnerability was discovered by Tien Phan of Fortinet's FortiGuard Labs.