CVE-2010-2152

Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://jvn.jp/en/jp/JVN17293765/index.html
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html
http://www.vupen.com/english/advisories/2010/1283	Vendor Advisory
http://osvdb.org/65050
http://www.justsystems.com/jp/info/js10002.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/40472
http://secunia.com/advisories/40008	Vendor Advisory
http://www.ipa.go.jp/about/press/20100601.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/59037

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:justsystems:ichitaro:2007:::::::*
	cpe:2.3:a:justsystems:ichitaro:2008:::::::*
	cpe:2.3:a:justsystems:ichitaro:2009:::::::*
	cpe:2.3:a:justsystems:ichitaro:2005:::::::*
	cpe:2.3:a:justsystems:ichitaro:2006:::::::*
	cpe:2.3:a:justsystems:ichitaro:2004:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:justsystems:ichitaro:2008:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2009:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2006:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2007:-:government:::::*

Configuration 3 (hide)

OR	cpe:2.3:a:justsystems:just_school:2008:::::::*
	cpe:2.3:a:justsystems:just_school:2009:::::::*

Information

Published : 2010-06-03 09:30

Updated : 2017-08-16 18:32

NVD link : CVE-2010-2152

Mitre link : CVE-2010-2152

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

justsystems

just_school
ichitaro

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://jvn.jp/en/jp/JVN17293765/index.html", "name": "JVN#17293765", "tags": [], "refsource": "JVN"}, {"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html", "name": "JVNDB-2010-000024", "tags": [], "refsource": "JVNDB"}, {"url": "http://www.vupen.com/english/advisories/2010/1283", "name": "ADV-2010-1283", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://osvdb.org/65050", "name": "65050", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.justsystems.com/jp/info/js10002.html", "name": "http://www.justsystems.com/jp/info/js10002.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/40472", "name": "40472", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/40008", "name": "40008", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.ipa.go.jp/about/press/20100601.html", "name": "http://www.ipa.go.jp/about/press/20100601.html", "tags": [], "refsource": "MISC"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037", "name": "ichitaro-attributes-code-execution(59037)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-2152", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2010-06-03T16:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:justsystems:just_school:2008:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:32Z"}

9.3 /10