Lucene search

[email protected]CVE-2012-4004

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-4004

2022-10-0316:15:33

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-4004

cross-site scripting

xss

sleipnir mobile

android

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to inject arbitrary web script or HTML via a crafted application that interacts with an unspecified Sleipnir Mobile function.

Affected configurations

NVD

Node

fenrir-incsleipnir_mobileRange≤2.2.0-black

fenrir-incsleipnir_mobileMatch1.0.0alphablack

fenrir-incsleipnir_mobileMatch1.0.0beta_update1black

fenrir-incsleipnir_mobileMatch1.0.0rcblack

fenrir-incsleipnir_mobileMatch1.1.0-black

fenrir-incsleipnir_mobileMatch1.2.0-black

fenrir-incsleipnir_mobileMatch1.3.0-black

fenrir-incsleipnir_mobileMatch1.4.0-black

fenrir-incsleipnir_mobileMatch1.5.0-black

fenrir-incsleipnir_mobileMatch1.5.1-black

fenrir-incsleipnir_mobileMatch1.6.0-black

fenrir-incsleipnir_mobileMatch1.7.0-black

fenrir-incsleipnir_mobileMatch1.7.1-black

fenrir-incsleipnir_mobileMatch2.0.0-black

fenrir-incsleipnir_mobileMatch2.0.1-black

fenrir-incsleipnir_mobileMatch2.0.2-black

fenrir-incsleipnir_mobileMatch2.0.3-black

fenrir-incsleipnir_mobileMatch2.0.4-black

fenrir-incsleipnir_mobileMatch2.1.0-black

Node

fenrir-incsleipnir_mobileRange≤2.2.0

fenrir-incsleipnir_mobileMatch1.0.0alpha

fenrir-incsleipnir_mobileMatch1.0.0beta_update1

fenrir-incsleipnir_mobileMatch1.0.0rc

fenrir-incsleipnir_mobileMatch1.1.0

fenrir-incsleipnir_mobileMatch1.2.0

fenrir-incsleipnir_mobileMatch1.3.0

fenrir-incsleipnir_mobileMatch1.4.0

fenrir-incsleipnir_mobileMatch1.5.0

fenrir-incsleipnir_mobileMatch1.5.1

fenrir-incsleipnir_mobileMatch1.6.0

fenrir-incsleipnir_mobileMatch1.7.0

fenrir-incsleipnir_mobileMatch1.7.1

fenrir-incsleipnir_mobileMatch2.0.0

fenrir-incsleipnir_mobileMatch2.0.1

fenrir-incsleipnir_mobileMatch2.0.2

fenrir-incsleipnir_mobileMatch2.0.3

fenrir-incsleipnir_mobileMatch2.0.4

fenrir-incsleipnir_mobileMatch2.1.0

CPENameOperatorVersion
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobilele2.2.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.0.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.1.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.2.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.3.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.4.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.5.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.5.1
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.6.0
fenrir-inc:sleipnir_mobilefenrir-inc sleipnir mobileeq1.7.0

CPE	Name	Operator	Version
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	le	2.2.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.0.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.1.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.2.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.3.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.4.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.5.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.5.1
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.6.0
fenrir-inc:sleipnir_mobile	fenrir-inc sleipnir mobile	eq	1.7.0

Rows per page:

1-10 of 171

References

jvn.jp/en/jp/JVN39519659/index.html

jvndb.jvn.jp/jvndb/JVNDB-2012-000076

play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir

play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.8%

JSON

Related for CVE-2012-4004

jvn1 nvd1 cvelist1 prion1