CVE-2011-1331

CVSS V2 High 9.3 CVSS V3 None
Description
JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted document, as exploited in the wild in early 2011.
Overview
  • CVE ID
  • CVE-2011-1331
  • Assigner
  • vultures@jpcert.or.jp
  • Vulnerability Status
  • Modified
  • Published Version
  • 2011-07-18T22:55:01
  • Last Modified Date
  • 2017-08-17T01:34:05
Weakness Enumerations
CWE URL
CWE-119 http://cwe.mitre.org/data/definitions/119.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2005:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_portable:*:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_pro:*:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:*:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:5.1.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:19.0.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:19.0.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:19.0.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:justsystems:ichitaro_viewer:20.0.2.0:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector
  • NETWORK
  • Access Compatibility
  • MEDIUM
  • Authentication
  • NONE
  • Confidentiality Impact
  • COMPLETE
  • Integrity Impact
  • COMPLETE
  • Availability Impact
  • COMPLETE
  • Base Score
  • 9.3
  • Severity
  • HIGH
  • Exploitability Score
  • 8.6
  • Impact Score
  • 10
References
Reference URL Reference Tags
http://www.securityfocus.com/bid/48283
http://secunia.com/advisories/44956 Vendor Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2011-000043
http://www.justsystems.com/jp/info/js11001.html Patch Vendor Advisory
http://jvn.jp/en/jp/JVN87239473/index.html
http://www.symantec.com/connect/blogs/targeted-attacks-2011-using-ichitaro-zero-day-vulnerability Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/68072
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2011-1331
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1331
History
Created Old Value New Value Data Type Notes
2022-05-10 08:54:57 Added to TrackCVE