Lucene search

[email protected]NVD:CVE-2010-3163

HistoryOct 25, 2010 - 8:01 p.m.

CVE-2010-3163

2010-10-2520:01:03

[email protected]

web.nvd.nist.gov

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.

Affected configurations

Nvd

Node

fenrirsleipnirRange≤2.9.4

fenrirsleipnirMatch2.5.0

fenrirsleipnirMatch2.5.1

fenrirsleipnirMatch2.5.2

fenrirsleipnirMatch2.5.3

fenrirsleipnirMatch2.5.4

fenrirsleipnirMatch2.5.5

fenrirsleipnirMatch2.5.6

fenrirsleipnirMatch2.5.7

fenrirsleipnirMatch2.5.8

fenrirsleipnirMatch2.5.9

fenrirsleipnirMatch2.5.10

fenrirsleipnirMatch2.5.11

fenrirsleipnirMatch2.5.12

fenrirsleipnirMatch2.5.13

fenrirsleipnirMatch2.5.14

fenrirsleipnirMatch2.5.15

fenrirsleipnirMatch2.5.16

fenrirsleipnirMatch2.5.17

fenrirsleipnirMatch2.6.0

fenrirsleipnirMatch2.6.1

fenrirsleipnirMatch2.6.2

fenrirsleipnirMatch2.7.0

fenrirsleipnirMatch2.7.1

fenrirsleipnirMatch2.7.1r2

fenrirsleipnirMatch2.7.2

fenrirsleipnirMatch2.8

fenrirsleipnirMatch2.8.2

fenrirsleipnirMatch2.8.3

fenrirsleipnirMatch2.8.4

fenrirsleipnirMatch2.8.5

fenrirsleipnirMatch2.9

fenrirsleipnirMatch2.9.1

fenrirsleipnirMatch2.9.2

fenrirsleipnirMatch2.9.3

Node

fenrirgraniRange≤4.3

fenrirgraniMatch3.0

fenrirgraniMatch3.1

fenrirgraniMatch3.2

fenrirgraniMatch3.5

fenrirgraniMatch4.0

fenrirgraniMatch4.1

fenrirgraniMatch4.2

VendorProductVersionCPE
fenrirsleipnir*cpe:2.3:a:fenrir:sleipnir:*:*:*:*:*:*:*:*
fenrirsleipnir2.5.0cpe:2.3:a:fenrir:sleipnir:2.5.0:*:*:*:*:*:*:*
fenrirsleipnir2.5.1cpe:2.3:a:fenrir:sleipnir:2.5.1:*:*:*:*:*:*:*
fenrirsleipnir2.5.2cpe:2.3:a:fenrir:sleipnir:2.5.2:*:*:*:*:*:*:*
fenrirsleipnir2.5.3cpe:2.3:a:fenrir:sleipnir:2.5.3:*:*:*:*:*:*:*
fenrirsleipnir2.5.4cpe:2.3:a:fenrir:sleipnir:2.5.4:*:*:*:*:*:*:*
fenrirsleipnir2.5.5cpe:2.3:a:fenrir:sleipnir:2.5.5:*:*:*:*:*:*:*
fenrirsleipnir2.5.6cpe:2.3:a:fenrir:sleipnir:2.5.6:*:*:*:*:*:*:*
fenrirsleipnir2.5.7cpe:2.3:a:fenrir:sleipnir:2.5.7:*:*:*:*:*:*:*
fenrirsleipnir2.5.8cpe:2.3:a:fenrir:sleipnir:2.5.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fenrir	sleipnir	*	cpe:2.3:a:fenrir:sleipnir::::::::
fenrir	sleipnir	2.5.0	cpe:2.3:a:fenrir:sleipnir:2.5.0:::::::*
fenrir	sleipnir	2.5.1	cpe:2.3:a:fenrir:sleipnir:2.5.1:::::::*
fenrir	sleipnir	2.5.2	cpe:2.3:a:fenrir:sleipnir:2.5.2:::::::*
fenrir	sleipnir	2.5.3	cpe:2.3:a:fenrir:sleipnir:2.5.3:::::::*
fenrir	sleipnir	2.5.4	cpe:2.3:a:fenrir:sleipnir:2.5.4:::::::*
fenrir	sleipnir	2.5.5	cpe:2.3:a:fenrir:sleipnir:2.5.5:::::::*
fenrir	sleipnir	2.5.6	cpe:2.3:a:fenrir:sleipnir:2.5.6:::::::*
fenrir	sleipnir	2.5.7	cpe:2.3:a:fenrir:sleipnir:2.5.7:::::::*
fenrir	sleipnir	2.5.8	cpe:2.3:a:fenrir:sleipnir:2.5.8:::::::*

Rows per page:

1-10 of 431

References

jvn.jp/en/jp/JVN50610528/index.html

jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000047.html

www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html

www.fenrir.co.jp/grani/note.html

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2010-3163

cvelist1 prion1 cve1 jvn1