CVE-2010-2152

Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://jvn.jp/en/jp/JVN17293765/index.html
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html
http://osvdb.org/65050
http://secunia.com/advisories/40008	Vendor Advisory
http://www.ipa.go.jp/about/press/20100601.html
http://www.justsystems.com/jp/info/js10002.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/40472
http://www.vupen.com/english/advisories/2010/1283	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/59037

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:justsystems:ichitaro:2004:::::::*
	cpe:2.3:a:justsystems:ichitaro:2005:::::::*
	cpe:2.3:a:justsystems:ichitaro:2006:::::::*
	cpe:2.3:a:justsystems:ichitaro:2007:::::::*
	cpe:2.3:a:justsystems:ichitaro:2008:::::::*
	cpe:2.3:a:justsystems:ichitaro:2009:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:justsystems:ichitaro:2006:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2007:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2008:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2009:-:government:::::*

Configuration 3 (hide)

OR	cpe:2.3:a:justsystems:just_school:2008:::::::*
	cpe:2.3:a:justsystems:just_school:2009:::::::*

History

No history.

Information

Published : 2010-06-03 16:30

Updated : 2023-12-10 11:03

NVD link : CVE-2010-2152

Mitre link : CVE-2010-2152

CVE.ORG link : CVE-2010-2152

JSON object : View

Products Affected

justsystems

ichitaro
just_school

CWE

NVD-CWE-noinfo

{"id": "CVE-2010-2152", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-06-03T16:30:01.710", "references": [{"url": "http://jvn.jp/en/jp/JVN17293765/index.html", "source": "cve@mitre.org"}, {"url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/65050", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40008", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.ipa.go.jp/about/press/20100601.html", "source": "cve@mitre.org"}, {"url": "http://www.justsystems.com/jp/info/js10002.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/40472", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2010/1283", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."}, {"lang": "es", "value": "Vulnerabilidad sin expecificar de JustSystems Ichitaro 2004 hasta 2009, Ichitaro Government 2006 hasta 2009, y Just School 2008 y 2009 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionado con \"el procesamiento de los atributos de las caracter\u00edsticas de un producto\" para un documento."}], "lastModified": "2017-08-17T01:32:38.117", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F"}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:just_school:2008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1A10D07-C5AA-4724-905A-9BC355E13471"}, {"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}