Lucene search

JpcertCVE-2010-3919

HistoryDec 10, 2010 - 7:00 p.m.

CVE-2010-3919

2010-12-1019:00:05

CWE-264

jpcert

web.nvd.nist.gov

cve-2010-3919

fenrir grani

web security

remote attack

clipboard vulnerability

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

Fenrir Grani 4.5 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site.

Affected configurations

Nvd

Node

fenrirgraniRange≤4.5

fenrirgraniMatch3.0

fenrirgraniMatch3.1

fenrirgraniMatch3.2

fenrirgraniMatch3.5

fenrirgraniMatch4.0

fenrirgraniMatch4.1

fenrirgraniMatch4.2

fenrirgraniMatch4.3

fenrirgraniMatch4.4

VendorProductVersionCPE
fenrirgrani*cpe:2.3:a:fenrir:grani:*:*:*:*:*:*:*:*
fenrirgrani3.0cpe:2.3:a:fenrir:grani:3.0:*:*:*:*:*:*:*
fenrirgrani3.1cpe:2.3:a:fenrir:grani:3.1:*:*:*:*:*:*:*
fenrirgrani3.2cpe:2.3:a:fenrir:grani:3.2:*:*:*:*:*:*:*
fenrirgrani3.5cpe:2.3:a:fenrir:grani:3.5:*:*:*:*:*:*:*
fenrirgrani4.0cpe:2.3:a:fenrir:grani:4.0:*:*:*:*:*:*:*
fenrirgrani4.1cpe:2.3:a:fenrir:grani:4.1:*:*:*:*:*:*:*
fenrirgrani4.2cpe:2.3:a:fenrir:grani:4.2:*:*:*:*:*:*:*
fenrirgrani4.3cpe:2.3:a:fenrir:grani:4.3:*:*:*:*:*:*:*
fenrirgrani4.4cpe:2.3:a:fenrir:grani:4.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fenrir	grani	*	cpe:2.3:a:fenrir:grani::::::::
fenrir	grani	3.0	cpe:2.3:a:fenrir:grani:3.0:::::::*
fenrir	grani	3.1	cpe:2.3:a:fenrir:grani:3.1:::::::*
fenrir	grani	3.2	cpe:2.3:a:fenrir:grani:3.2:::::::*
fenrir	grani	3.5	cpe:2.3:a:fenrir:grani:3.5:::::::*
fenrir	grani	4.0	cpe:2.3:a:fenrir:grani:4.0:::::::*
fenrir	grani	4.1	cpe:2.3:a:fenrir:grani:4.1:::::::*
fenrir	grani	4.2	cpe:2.3:a:fenrir:grani:4.2:::::::*
fenrir	grani	4.3	cpe:2.3:a:fenrir:grani:4.3:::::::*
fenrir	grani	4.4	cpe:2.3:a:fenrir:grani:4.4:::::::*

References

jvn.jp/en/jp/JVN76662040/index.html

jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000058.html

secunia.com/advisories/42428

www.fenrir.co.jp/blog/2010/11/post_47.html

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

70.8%

JSON

Related for CVE-2010-3919