Ichitaro is a widely recognized word processing software in Japan created by JustSystems.
Cisco Talos recently discovered four bugs in it that might result in arbitrary code execution.
Ichitaro employs the.jtd file extension and the ATOK input method (IME). In Japan, there is only Microsoft Word that is more widely used as a word processor.
The researchers identified four flaws that might provide an attacker access to the target machine and the ability to run arbitrary code. In the event that the target accesses a malicious file prepared by the attacker, TALOS-2022-1673 (CVE-2022-43664) might cause the attacker to reuse freed memory, which could result in more memory corruption and even arbitrary code execution.
Similar effects can also be seen as a result of TALOS-2023-1722 (CVE-2023-22660), except this time the cause is a buffer overflow.
The two other memory corruption flaws, TALOS-2022-1687 (CVE-2023-22291) and TALOS-2022-1684 (CVE-2022-45115), which can also result in code execution if the target opens a specially prepared, malicious document, are similarly exploitable.
In accordance with Cisco's vulnerability disclosure policy, Cisco Talos collaborated with JustSystems to ensure that these vulnerabilities were patched and that an update was accessible to customers who were affected.
Users are advised to update these impacted products as soon as they can: Version 1.0.1.57600 of Ichitaro 2022. This version of the word processor can be abused by these flaws, according to Talos' testing.
61011, 61012, 61091, 61092, 61163, 61164, 61393 and 61394 are the Snort rules that will catch attempts to exploit this issue. In the absence of new vulnerability information, further rules may be provided in the future, and existing rules may change. Please consult your Cisco Secure Firewall Management Center or Snort.org for the latest up-to-date rule information.