Fortinet Discovers JustSystem Ichitaro Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a Memory Corruption vulnerability in JustSystems Ichitaro Office.
Ichitaro is a Japanese word processor produced by JustSystems. Ichitaro occupies the second share in Japanese word-processing software, behind Microsoft Word. It is one of the main products of the company.
The Memory Corruption vulnerability is due to an error when the vulnerable software handles a malformed JYT file. An attacker can exploit this vulnerability to execute arbitrary code within the context of the logged in user via a crafted JYT file.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Oct 24, 2017
Users should apply the solution provided by Justsystem.
Fortinet reported the vulnerability to Justsystem on August 16, 2017.
Justsystem patched the vulnerability on October 24, 2017.