Vulnerability Details : CVE-2009-1054
Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009.
Vulnerability category: Execute code
Products affected by CVE-2009-1054
- cpe:2.3:a:ichitaro:ichitaro:2005:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:2006:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:2007:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:2004:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:2008:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:lite2:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro:13:*:*:*:*:*:*:*
- cpe:2.3:a:ichitaro:ichitaro_viewer:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1054
6.88%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-1054
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2009-1054
-
http://www.securityfocus.com/bid/34138
-
http://www.justsystems.com/jp/info/js09001.html
Patch;Vendor Advisory
-
http://www.symantec.com/business/security_response/writeup.jsp?docid=2009-031608-2424-99
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/49280
-
http://www.vupen.com/english/advisories/2009/0769
Vendor Advisory
Jump to