Lucene search
JpcertCVE-2010-3163HistoryOct 25, 2010 - 8:01 p.m.
CVE-2010-3163
2010-10-2520:01:03
jpcert
web.nvd.nist.gov
27
cve-2010-3163
fenrir sleipnir
grani
untrusted search path vulnerability
privilege escalation
nvd
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
5.1%
Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
Affected configurations
Node
fenrirsleipnirRange≤2.9.4
ORfenrirsleipnirMatch2.5.0
ORfenrirsleipnirMatch2.5.1
ORfenrirsleipnirMatch2.5.2
ORfenrirsleipnirMatch2.5.3
ORfenrirsleipnirMatch2.5.4
ORfenrirsleipnirMatch2.5.5
ORfenrirsleipnirMatch2.5.6
ORfenrirsleipnirMatch2.5.7
ORfenrirsleipnirMatch2.5.8
ORfenrirsleipnirMatch2.5.9
ORfenrirsleipnirMatch2.5.10
ORfenrirsleipnirMatch2.5.11
ORfenrirsleipnirMatch2.5.12
ORfenrirsleipnirMatch2.5.13
ORfenrirsleipnirMatch2.5.14
ORfenrirsleipnirMatch2.5.15
ORfenrirsleipnirMatch2.5.16
ORfenrirsleipnirMatch2.5.17
ORfenrirsleipnirMatch2.6.0
ORfenrirsleipnirMatch2.6.1
ORfenrirsleipnirMatch2.6.2
ORfenrirsleipnirMatch2.7.0
ORfenrirsleipnirMatch2.7.1
ORfenrirsleipnirMatch2.7.1r2
ORfenrirsleipnirMatch2.7.2
ORfenrirsleipnirMatch2.8
ORfenrirsleipnirMatch2.8.2
ORfenrirsleipnirMatch2.8.3
ORfenrirsleipnirMatch2.8.4
ORfenrirsleipnirMatch2.8.5
ORfenrirsleipnirMatch2.9
ORfenrirsleipnirMatch2.9.1
ORfenrirsleipnirMatch2.9.2
ORfenrirsleipnirMatch2.9.3
Node
fenrirgraniRange≤4.3
ORfenrirgraniMatch3.0
ORfenrirgraniMatch3.1
ORfenrirgraniMatch3.2
ORfenrirgraniMatch3.5
ORfenrirgraniMatch4.0
ORfenrirgraniMatch4.1
ORfenrirgraniMatch4.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fenrir | sleipnir | * | cpe:2.3:a:fenrir:sleipnir:*:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.0 | cpe:2.3:a:fenrir:sleipnir:2.5.0:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.1 | cpe:2.3:a:fenrir:sleipnir:2.5.1:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.2 | cpe:2.3:a:fenrir:sleipnir:2.5.2:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.3 | cpe:2.3:a:fenrir:sleipnir:2.5.3:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.4 | cpe:2.3:a:fenrir:sleipnir:2.5.4:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.5 | cpe:2.3:a:fenrir:sleipnir:2.5.5:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.6 | cpe:2.3:a:fenrir:sleipnir:2.5.6:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.7 | cpe:2.3:a:fenrir:sleipnir:2.5.7:*:*:*:*:*:*:* |
| fenrir | sleipnir | 2.5.8 | cpe:2.3:a:fenrir:sleipnir:2.5.8:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2010-3163
2010-10-25 20:01:03
cvelist
cvelist
CVE-2010-3163
2010-10-25 19:00:00
prion
prion
Design/Logic Flaw
2010-10-25 20:01:00
jvn
jvn
JVN#50610528: Sleipnir and Grani may insecurely load dynamic libraries
2010-10-22 00:00:00
CVSS2
6.9
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
AI Score
6.7
Confidence
Low
EPSS
0
Percentile
5.1%
Related for CVE-2010-3163