CVE-2010-2152 - OpenCVE

Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to "product character attribute processing" for a document.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Justsystems	Ichitaro Just School

Configuration 1 [-]

OR	cpe:2.3:a:justsystems:ichitaro:2004:::::::*
	cpe:2.3:a:justsystems:ichitaro:2005:::::::*
	cpe:2.3:a:justsystems:ichitaro:2006:::::::*
	cpe:2.3:a:justsystems:ichitaro:2007:::::::*
	cpe:2.3:a:justsystems:ichitaro:2008:::::::*
	cpe:2.3:a:justsystems:ichitaro:2009:::::::*

Configuration 2 [-]

OR	cpe:2.3:a:justsystems:ichitaro:2006:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2007:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2008:-:government:::::*
	cpe:2.3:a:justsystems:ichitaro:2009:-:government:::::*

Configuration 3 [-]

OR	cpe:2.3:a:justsystems:just_school:2008:::::::*
	cpe:2.3:a:justsystems:just_school:2009:::::::*

No data.

References

Link	Providers
http://jvn.jp/en/jp/JVN17293765/index.html
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html
http://osvdb.org/65050
http://secunia.com/advisories/40008
http://www.ipa.go.jp/about/press/20100601.html
http://www.justsystems.com/jp/info/js10002.html
http://www.securityfocus.com/bid/40472
http://www.vupen.com/english/advisories/2010/1283
https://exchange.xforce.ibmcloud.com/vulnerabilities/59037

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-06-03T16:00:00

Updated: 2024-08-07T02:25:07.018Z

Reserved: 2010-06-03T00:00:00

Link: CVE-2010-2152

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-06-03T16:30:01.710

Modified: 2017-08-17T01:32:38.117

Link: CVE-2010-2152

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-06-01T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ichitaro-attributes-code-execution(59037)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"}, {"name": "40472", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/40472"}, {"name": "JVN#17293765", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN17293765/index.html"}, {"name": "ADV-2010-1283", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/1283"}, {"name": "40008", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/40008"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.justsystems.com/jp/info/js10002.html"}, {"name": "65050", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/65050"}, {"name": "JVNDB-2010-000024", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ipa.go.jp/about/press/20100601.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-2152", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ichitaro-attributes-code-execution(59037)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"}, {"name": "40472", "refsource": "BID", "url": "http://www.securityfocus.com/bid/40472"}, {"name": "JVN#17293765", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN17293765/index.html"}, {"name": "ADV-2010-1283", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/1283"}, {"name": "40008", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/40008"}, {"name": "http://www.justsystems.com/jp/info/js10002.html", "refsource": "CONFIRM", "url": "http://www.justsystems.com/jp/info/js10002.html"}, {"name": "65050", "refsource": "OSVDB", "url": "http://osvdb.org/65050"}, {"name": "JVNDB-2010-000024", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"}, {"name": "http://www.ipa.go.jp/about/press/20100601.html", "refsource": "MISC", "url": "http://www.ipa.go.jp/about/press/20100601.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T02:25:07.018Z"}, "title": "CVE Program Container", "references": [{"name": "ichitaro-attributes-code-execution(59037)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"}, {"name": "40472", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/40472"}, {"name": "JVN#17293765", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN17293765/index.html"}, {"name": "ADV-2010-1283", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/1283"}, {"name": "40008", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/40008"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.justsystems.com/jp/info/js10002.html"}, {"name": "65050", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/65050"}, {"name": "JVNDB-2010-000024", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ipa.go.jp/about/press/20100601.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-2152", "datePublished": "2010-06-03T16:00:00", "dateReserved": "2010-06-03T00:00:00", "dateUpdated": "2024-08-07T02:25:07.018Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:ichitaro:2004:*:*:*:*:*:*:*", "matchCriteriaId": "AFAE853E-5415-4B31-A873-E74E7C66C52F", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:*", "matchCriteriaId": "471FA5F8-8EC2-4FEB-93E0-B838F81BD472", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*", "matchCriteriaId": "9E7E7611-56FC-4379-99FE-8D42046FA9C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*", "matchCriteriaId": "A749FA56-6DE2-48A4-902C-6EB7E6575BA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*", "matchCriteriaId": "8B8FAFF2-94AD-4C8B-8B10-57651DEA6191", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*", "matchCriteriaId": "12205BDB-6DD6-46B8-891B-E4EAAB8F3588", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*", "matchCriteriaId": "AA38365F-0FB9-4570-8A38-4FCC9AADA267", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*", "matchCriteriaId": "6A5C721C-CA01-4C6A-AC7C-C07FC3A333D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*", "matchCriteriaId": "25F1AF4E-E4EC-4E66-B532-002A8512916F", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*", "matchCriteriaId": "9BC34189-32FE-4C8E-A87E-731C622ECBC0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:justsystems:just_school:2008:*:*:*:*:*:*:*", "matchCriteriaId": "F1A10D07-C5AA-4724-905A-9BC355E13471", "vulnerable": true}, {"criteria": "cpe:2.3:a:justsystems:just_school:2009:*:*:*:*:*:*:*", "matchCriteriaId": "33B0260B-137B-42FE-A91D-B3EE091CD460", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 through 2009, and Just School 2008 and 2009 allows remote attackers to execute arbitrary code via unknown vectors related to \"product character attribute processing\" for a document."}, {"lang": "es", "value": "Vulnerabilidad sin expecificar de JustSystems Ichitaro 2004 hasta 2009, Ichitaro Government 2006 hasta 2009, y Just School 2008 y 2009 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos relacionado con \"el procesamiento de los atributos de las caracter\u00edsticas de un producto\" para un documento."}], "id": "CVE-2010-2152", "lastModified": "2017-08-17T01:32:38.117", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2010-06-03T16:30:01.710", "references": [{"source": "cve@mitre.org", "url": "http://jvn.jp/en/jp/JVN17293765/index.html"}, {"source": "cve@mitre.org", "url": "http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000024.html"}, {"source": "cve@mitre.org", "url": "http://osvdb.org/65050"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/40008"}, {"source": "cve@mitre.org", "url": "http://www.ipa.go.jp/about/press/20100601.html"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.justsystems.com/jp/info/js10002.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/40472"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/1283"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/59037"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}