CVE-2010-1424
published 2010-04-15CVE-2010-1424: Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via…
PriorityP265critical9.3CVSS 2.0
AVNACMAuNCCICAC
ITWVulnCheck KEV
Exploited in the wild
EPSS
4.04%
89.3th percentile
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| justsystems | ichitaro | — | — |
| justsystems | ichitaro | — | — |
| justsystems | ichitaro | — | — |
| justsystems | ichitaro | — | — |
| justsystems | ichitaro | — | — |
CVSS provenance
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vulncheck9.3CRITICAL
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-89ww-rmr4-f6rq: Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary
ghsa_unreviewed·2022-05-02
CVE-2010-1424 [HIGH] GHSA-89ww-rmr4-f6rq: Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
VulnCheck
JustSystems Ichitaro/Ichitaro Government Assisted Remote Code Execution Vulnerability
vulncheck·2010·CVSS 9.3
CVE-2010-1424 [CRITICAL] JustSystems Ichitaro/Ichitaro Government Assisted Remote Code Execution Vulnerability
JustSystems Ichitaro/Ichitaro Government Assisted Remote Code Execution Vulnerability
Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.
Affected: justsystems ichitaro
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://www.virusbulletin.com/virusbulletin/2020/05/vb2019-paper-apt-cases-exploiting-vulnerabilities-regionspecific-software/#ref3
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://jvn.jp/en/jp/JVN98467259/index.htmlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.htmlhttp://osvdb.org/63651http://secunia.com/advisories/39256http://www.justsystems.com/jp/info/js10001.htmlhttp://www.securitytracker.com/id?1023844http://www.vupen.com/english/advisories/2010/0854http://jvn.jp/en/jp/JVN98467259/index.htmlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000015.htmlhttp://osvdb.org/63651http://secunia.com/advisories/39256http://www.justsystems.com/jp/info/js10001.htmlhttp://www.securitytracker.com/id?1023844http://www.vupen.com/english/advisories/2010/0854
2010-04-15
Published
Exploited in the wild