Lucene search

[email protected]CVE-2010-3164

HistoryOct 25, 2010 - 8:01 p.m.

CVE-2010-3164

2010-10-2520:01:03

[email protected]

web.nvd.nist.gov

cve-2010-3164

untrusted search path

fenrir sleipnir

grani

vulnerability

privilege escalation

trojan horse executable

nvd

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.

Affected configurations

NVD

Node

fenrirsleipnirRange≤2.9.4

fenrirsleipnirMatch2.5.0

fenrirsleipnirMatch2.5.1

fenrirsleipnirMatch2.5.2

fenrirsleipnirMatch2.5.3

fenrirsleipnirMatch2.5.4

fenrirsleipnirMatch2.5.5

fenrirsleipnirMatch2.5.6

fenrirsleipnirMatch2.5.7

fenrirsleipnirMatch2.5.8

fenrirsleipnirMatch2.5.9

fenrirsleipnirMatch2.5.10

fenrirsleipnirMatch2.5.11

fenrirsleipnirMatch2.5.12

fenrirsleipnirMatch2.5.13

fenrirsleipnirMatch2.5.14

fenrirsleipnirMatch2.5.15

fenrirsleipnirMatch2.5.16

fenrirsleipnirMatch2.5.17

fenrirsleipnirMatch2.6.0

fenrirsleipnirMatch2.6.1

fenrirsleipnirMatch2.6.2

fenrirsleipnirMatch2.7.0

fenrirsleipnirMatch2.7.1

fenrirsleipnirMatch2.7.1r2

fenrirsleipnirMatch2.7.2

fenrirsleipnirMatch2.8

fenrirsleipnirMatch2.8.2

fenrirsleipnirMatch2.8.3

fenrirsleipnirMatch2.8.4

fenrirsleipnirMatch2.8.5

fenrirsleipnirMatch2.9

fenrirsleipnirMatch2.9.1

fenrirsleipnirMatch2.9.2

fenrirsleipnirMatch2.9.3

Node

fenrirgraniRange≤4.3

fenrirgraniMatch3.0

fenrirgraniMatch3.1

fenrirgraniMatch3.2

fenrirgraniMatch3.5

fenrirgraniMatch4.0

fenrirgraniMatch4.1

fenrirgraniMatch4.2

CPENameOperatorVersion
fenrir:sleipnirfenrir sleipnirle2.9.4
fenrir:sleipnirfenrir sleipnireq2.5.0
fenrir:sleipnirfenrir sleipnireq2.5.1
fenrir:sleipnirfenrir sleipnireq2.5.2
fenrir:sleipnirfenrir sleipnireq2.5.3
fenrir:sleipnirfenrir sleipnireq2.5.4
fenrir:sleipnirfenrir sleipnireq2.5.5
fenrir:sleipnirfenrir sleipnireq2.5.6
fenrir:sleipnirfenrir sleipnireq2.5.7
fenrir:sleipnirfenrir sleipnireq2.5.8

CPE	Name	Operator	Version
fenrir:sleipnir	fenrir sleipnir	le	2.9.4
fenrir:sleipnir	fenrir sleipnir	eq	2.5.0
fenrir:sleipnir	fenrir sleipnir	eq	2.5.1
fenrir:sleipnir	fenrir sleipnir	eq	2.5.2
fenrir:sleipnir	fenrir sleipnir	eq	2.5.3
fenrir:sleipnir	fenrir sleipnir	eq	2.5.4
fenrir:sleipnir	fenrir sleipnir	eq	2.5.5
fenrir:sleipnir	fenrir sleipnir	eq	2.5.6
fenrir:sleipnir	fenrir sleipnir	eq	2.5.7
fenrir:sleipnir	fenrir sleipnir	eq	2.5.8

Rows per page:

1-10 of 341

References

jvn.jp/en/jp/JVN89272705/index.html

jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html

www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html

www.fenrir.co.jp/grani/note.html

exchange.xforce.ibmcloud.com/vulnerabilities/64435

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2010-3164

cvelist1 prion1 nvd1 jvn1