Lucene search

Kaspersky LabKLA10085

HistoryAug 28, 2009 - 12:00 a.m.

KLA10085 SUI vulnerability in Avant

2009-08-2800:00:00

Kaspersky Lab

threats.kaspersky.com

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.0%

JSON

An unspecified vulnerability was found in the Avant browser. By exploiting this vulnerability malicious users can spoof the address bar. This vulnerability can be exploited from the network at a point related to opening windows via a specially designed URI.

Original advisories

Blog record

Related products

Avant-Browser

CVE list

CVE-2009-3004 warning

Solution

Update to latest version

Impacts

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

Avant Browser version 11.7 builds 35 and 36

References

lostmon.blogspot.ru/2009/08/multiple-browsers-fake-url-folder-file.html

statistics.securelist.com/

threats.kaspersky.com/en/product/Avant-Browser/

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.5 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.0%

JSON

Related for KLA10085