CVE-2013-5990

Unspecified vulnerability in JustSystems Ichitaro 2006 through 2011; Ichitaro Government 6, 7, and 2006 through 2010; Ichitaro 2011 Sou; Ichitaro 2012 Shou; Ichitaro 2013 Gen and Gen Trial Edition; Ichitaro Pro; Ichitaro Pro 2 and Pro 2 Trial Edition; Ichitaro Viewer; and Ichitaro Portable with oreplug allows remote attackers to execute arbitrary code via a crafted document.

Published: 2013-11-13 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2013-5990 is rated High Risk (68.6/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 5.13%). High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2013-5990

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-03-30 4.81% 5.13% +0.33%
2 2025-03-29 5.13% 4.81% -0.33%
3 2025-03-19 5.13%

Full EPSS history (16 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2013-5990

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.3 2.0 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:M)
Exploitation needs some favorable conditions, but not exceptional ones.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 8.6 10.0 [email protected]

Weakness enumeration for CVE-2013-5990

Affected software / configurations for CVE-2013-5990

Vendor Product Version Raw CPE
justsystems ichitaro_pro cpe:2.3:a:justsystems:ichitaro_pro:-:*:*:*:*:*:*:*
justsystems ichitaro_pro 2 cpe:2.3:a:justsystems:ichitaro_pro:2:*:*:*:*:*:*:*
justsystems ichitaro_pro 2 cpe:2.3:a:justsystems:ichitaro_pro:2:-:trial:*:*:*:*:*
justsystems ichitaro_portable_with_oreplug cpe:2.3:a:justsystems:ichitaro_portable_with_oreplug:-:*:*:*:*:*:*:*
justsystems ichitaro 2012 cpe:2.3:a:justsystems:ichitaro:2012:-:shou:*:*:*:*:*
justsystems ichitaro 2013 cpe:2.3:a:justsystems:ichitaro:2013:-:gen:*:*:*:*:*
justsystems ichitaro 2013 cpe:2.3:a:justsystems:ichitaro:2013:-:gen_trial:*:*:*:*:*
justsystems ichitaro_viewer cpe:2.3:a:justsystems:ichitaro_viewer:-:*:*:*:*:*:*:*
justsystems ichitaro 2011 cpe:2.3:a:justsystems:ichitaro:2011:-:sou:*:*:*:*:*
justsystems ichitaro 6 cpe:2.3:a:justsystems:ichitaro:6:-:government:*:*:*:*:*
justsystems ichitaro 7 cpe:2.3:a:justsystems:ichitaro:7:-:government:*:*:*:*:*
justsystems ichitaro 2006 cpe:2.3:a:justsystems:ichitaro:2006:-:government:*:*:*:*:*
justsystems ichitaro 2007 cpe:2.3:a:justsystems:ichitaro:2007:-:government:*:*:*:*:*
justsystems ichitaro 2008 cpe:2.3:a:justsystems:ichitaro:2008:-:government:*:*:*:*:*
justsystems ichitaro 2009 cpe:2.3:a:justsystems:ichitaro:2009:-:government:*:*:*:*:*
justsystems ichitaro 2010 cpe:2.3:a:justsystems:ichitaro:2010:-:government:*:*:*:*:*
justsystems ichitaro 2006 cpe:2.3:a:justsystems:ichitaro:2006:*:*:*:*:*:*:*
justsystems ichitaro 2007 cpe:2.3:a:justsystems:ichitaro:2007:*:*:*:*:*:*:*
justsystems ichitaro 2008 cpe:2.3:a:justsystems:ichitaro:2008:*:*:*:*:*:*:*
justsystems ichitaro 2009 cpe:2.3:a:justsystems:ichitaro:2009:*:*:*:*:*:*:*
justsystems ichitaro 2010 cpe:2.3:a:justsystems:ichitaro:2010:*:*:*:*:*:*:*
justsystems ichitaro 2011 cpe:2.3:a:justsystems:ichitaro:2011:*:*:*:*:*:*:*

References for CVE-2013-5990

cvelogic Threat Intelligence