JPCERT-AT-2014-0047
JPCERT/CC
2014-11-13
<<< JPCERT/CC Alert 2014-11-13 >>>
Vulnerability in Ichitaro series, November 2014
https://www.jpcert.or.jp/english/at/2014/at140047.html
I. Overview
JustSystems Corporation has released an update module to address a
vulnerability in the Ichitaro series. Leveraging this vulnerability
may allow a remote attacker to execute arbitrary code.
For details on the vulnerability, refer to the following URL:
[JS14003] Possible malicious program execution leveraging vulnerability in Ichitaro
https://www.justsystems.com/jp/info/js14003.html
II. Affected Systems
The following versions are affected by this vulnerability:
- Ichitaro 2014 Tetsu
- Ichitaro 2013 Gen
- Ichitaro 2012 Shou
- Ichitaro 2011 Sou / Ichitaro 2011
- Ichitaro Pro 2
- Ichitaro Pro
- Ichitaro Government 7
- Ichitaro Government 6
- Ichitaro 2010
- Ichitaro Government 2010
- Ichitaro 2009
- Ichitaro Government 2009
- Ichitaro 2008
- Ichitaro Government 2008
For more details, refer to the information provided by JustSystems
Corporation
III. Solution
An update module is available on the web site of JustSystems
Corporation. Please apply the update module.
IV. References
JustSystems Corporation
[JS14003] Possible malicious program execution leveraging vulnerability in Ichitaro
https://www.justsystems.com/jp/info/js14003.html
Japan Vulnerability Notes JVN#16318793
Ichitaro series vulnerable to arbitrary code execution
https://jvn.jp/en/jp/JVN16318793/index.html
If you have any information regarding this alert, please contact
JPCERT/CC.
======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: +81-3-3518-4600 FAX: +81-3-3518-4602
https://www.jpcert.or.jp/english/
Top