Zero-day vulnerabilities discovered: 1
Heap-based buffer overflow
The vulnerability allows a remote attacker to execute arbitrary code on the target system.According to Symantec the first exploitation of the vulnerability was discovered on 2009-03-19.
Software: Ichitaro
Known/fameous malware:
Trojan.Tarodrop.L
Links:
http://jvn.jp/en/jp/JVN87239473/index.html
http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000043.html
https://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability
http://www.justsystems.com/jp/info/js11001.html
https://www.symantec.com/security_response/writeup.jsp?docid=2011-061507-2634-99
https://www.symantec.com/security_response/writeup.jsp?docid=2011-061507-2634-99&tabid=3
https://co.norton.com/security_response/print_writeup.jsp?docid=2011-061507-2634-99
https://users.ece.cmu.edu/~tdumitra/public_documents/bilge12_zero_day.pdf