CVE-2013-3644

Unspecified vulnerability in JustSystems Ichitaro 2006 through 2013; Ichitaro Pro through 2; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro Portable with oreplug; Ichitaro Viewer; and Ichitaro JUST School through 2010 allows remote attackers to execute arbitrary code via a crafted document.

Published: 2013-06-18 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Conclusion & alert: CVE-2013-3644 is rated High Risk (66.3/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 4.17%). Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2013-3644

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	11.65%	4.17%	-7.48%
2	2025-08-22	10.83%	11.65%	+0.82%
3	2025-03-30	—	10.83%	—

Full EPSS history (14 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2013-3644

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
10.0	2.0	HIGH	`AV:N/AC:L/Au:N/C:C/I:C/A:C` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:C) Complete confidentiality impact. Integrity impact (I:C) Complete integrity impact. Availability impact (A:C) Complete availability impact.	10.0	10.0	[email protected]

Weakness enumeration for CVE-2013-3644

Affected software / configurations for CVE-2013-3644

Vendor	Product	Version	Raw CPE
justsystems	ichitaro	6	cpe:2.3:a:justsystems:ichitaro:6:-:government:::::*
justsystems	ichitaro	7	cpe:2.3:a:justsystems:ichitaro:7:-:government:::::*
justsystems	ichitaro	2006	cpe:2.3:a:justsystems:ichitaro:2006:::::::*
justsystems	ichitaro	2006	cpe:2.3:a:justsystems:ichitaro:2006:-:government:::::*
justsystems	ichitaro	2007	cpe:2.3:a:justsystems:ichitaro:2007:::::::*
justsystems	ichitaro	2007	cpe:2.3:a:justsystems:ichitaro:2007:-:government:::::*
justsystems	ichitaro	2008	cpe:2.3:a:justsystems:ichitaro:2008:::::::*
justsystems	ichitaro	2008	cpe:2.3:a:justsystems:ichitaro:2008:-:government:::::*
justsystems	ichitaro	2009	cpe:2.3:a:justsystems:ichitaro:2009:::::::*
justsystems	ichitaro	2009	cpe:2.3:a:justsystems:ichitaro:2009:-:government:::::*
justsystems	ichitaro	2010	cpe:2.3:a:justsystems:ichitaro:2010:::::::*
justsystems	ichitaro	2010	cpe:2.3:a:justsystems:ichitaro:2010:-:government:::::*
justsystems	ichitaro	2011	cpe:2.3:a:justsystems:ichitaro:2011:::::::*
justsystems	ichitaro	2012	cpe:2.3:a:justsystems:ichitaro:2012:::::::*
justsystems	ichitaro	2013	cpe:2.3:a:justsystems:ichitaro:2013:::::::*
justsystems	ichitaro_just_school	—	cpe:2.3:a:justsystems:ichitaro_just_school:-:::::::*
justsystems	ichitaro_portable	—	cpe:2.3:a:justsystems:ichitaro_portable:-:oreplug::::::
justsystems	ichitaro_viewer	—	cpe:2.3:a:justsystems:ichitaro_viewer:-:::::::*

References for CVE-2013-3644

URL	Tags
http://jvn.jp/en/jp/JVN98712361/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-000058
http://www.justsystems.com/jp/info/js13002.html

cvelogic Threat Intelligence