Advisories » Ichitaro Document Viewer Document Handling Remote Buffer Overflow Vulnerability
| Release Date: | 21/08/2006 | Severity: | Extremely Critical  |
| SecWatch Advisory: | SWID1015156 | Cause: | Boundary error |
| Solution Status: | Vendor Patch | Impact: | Execution of arbitrary code |
| Exploit Status: | None Available | Access Vector: | From remote |
| Affected Software: | Ichitaro 10.x Ichitaro 11.x Ichitaro 12.x Ichitaro 13.x Ichitaro 2004 Ichitaro 2005 Ichitaro 2006 Ichitaro 9.x Ichitaro for Linux |
||
Description:
A vulnerability in Ichitaro has been reported, which can be exploited by remote users to compromise a user's system.
The vulnerability is caused due to a boundary error when processing a specially crafted document. This can be exploited to cause a stack-based buffer overflow via an overly long string.
Successful exploitation allows execution of arbitrary code.
Solution:
The vulnerability has been fixed, apply patch:
Ichitaro 2005/2006:
A patch was released on 2006-08-18.
Ichitaro for Linux:
A patch should be available soon.
Credits:
Discovered in the wild as a so-called 0-day.
Free Vulnerability Notification Service
Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.
Related Vulnerabilities and Exploits
13 Dec 07: JustSystems Ichitaro "JSGCI.DLL" Document Processing Remote Buffe..
03 Aug 07: JustSystems Ichitaro Document Processing Unspecified Remote Code ..
09 Apr 07: JustSystems Ichitaro Document Processing Unspecified Remote Code ..
07 Jan 08: JustSystem Products "JSFC.DLL" Remote Buffer Overflow Vulnerabili..
25 Oct 07: JustSystems Ichitaro Document Processing Multiple Remote Buffer O..