CVE-2011-1331
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
| Software | From | Fixed in |
|---|---|---|
| justsystems / ichitaro_viewer | 20.0.2.0 | 20.0.2.0.x |
| justsystems / ichitaro_viewer | 19.0.2.0 | 19.0.2.0.x |
| justsystems / ichitaro | 2006 | 2006.x |
| justsystems / ichitaro_viewer | 5.1.3.0 | 5.1.3.0.x |
| justsystems / ichitaro | 2011 | 2011.x |
| justsystems / ichitaro_portable | - | - |
| justsystems / ichitaro | 2008 | 2008.x |
| justsystems / ichitaro | 2005 | 2005.x |
| justsystems / ichitaro_viewer | - | - |
| justsystems / ichitaro | 2010 | 2010.x |
| justsystems / ichitaro | 2007 | 2007.x |
| justsystems / ichitaro | 2009 | 2009.x |
| justsystems / ichitaro | 6 | 6.x |
| justsystems / ichitaro_pro | - | - |
| justsystems / ichitaro_viewer | 19.0.1.0 | 19.0.1.0.x |
| justsystems / ichitaro_viewer | 19.0.3.0 | 19.0.3.0.x |
- http://jvn.jp/en/jp/JVN87239473/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043
- http://secunia.com/advisories/44956
- http://www.justsystems.com/jp/info/js11001.html
- http://www.securityfocus.com/bid/48283
- http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68072
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime