Japan Vulnerability NotesJVN:33861625JVN#33861625: Iwate Portal Bar vulnerable to arbitrary script execution
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.2%
Iwate Portal Bar is an add-on to Internet Explorer that adds a toolbar and provides multiple functions. The RSS/Atom feed reader function in Iwate Portal Bar is vulnerable to arbitrary script execution due to the improper processing during HTML page output based on feed information.
Impact
An arbitrary script may be executed on the userβs Internet Explorer.
Solution
Do not use Iwate Portal Bar
Please stop use of Iwate Portal Bar according to the information provided by the developer.
The developer has stopped distributing the product.
Products Affected
- Iwate Portal Bar
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
43.2%