Lucene search

[email protected]NVD:CVE-2010-3164

HistoryOct 25, 2010 - 8:01 p.m.

CVE-2010-3164

2010-10-2520:01:03

[email protected]

web.nvd.nist.gov

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.

Affected configurations

NVD

Node

fenrirsleipnirRange≤2.9.4

fenrirsleipnirMatch2.5.0

fenrirsleipnirMatch2.5.1

fenrirsleipnirMatch2.5.2

fenrirsleipnirMatch2.5.3

fenrirsleipnirMatch2.5.4

fenrirsleipnirMatch2.5.5

fenrirsleipnirMatch2.5.6

fenrirsleipnirMatch2.5.7

fenrirsleipnirMatch2.5.8

fenrirsleipnirMatch2.5.9

fenrirsleipnirMatch2.5.10

fenrirsleipnirMatch2.5.11

fenrirsleipnirMatch2.5.12

fenrirsleipnirMatch2.5.13

fenrirsleipnirMatch2.5.14

fenrirsleipnirMatch2.5.15

fenrirsleipnirMatch2.5.16

fenrirsleipnirMatch2.5.17

fenrirsleipnirMatch2.6.0

fenrirsleipnirMatch2.6.1

fenrirsleipnirMatch2.6.2

fenrirsleipnirMatch2.7.0

fenrirsleipnirMatch2.7.1

fenrirsleipnirMatch2.7.1r2

fenrirsleipnirMatch2.7.2

fenrirsleipnirMatch2.8

fenrirsleipnirMatch2.8.2

fenrirsleipnirMatch2.8.3

fenrirsleipnirMatch2.8.4

fenrirsleipnirMatch2.8.5

fenrirsleipnirMatch2.9

fenrirsleipnirMatch2.9.1

fenrirsleipnirMatch2.9.2

fenrirsleipnirMatch2.9.3

Node

fenrirgraniRange≤4.3

fenrirgraniMatch3.0

fenrirgraniMatch3.1

fenrirgraniMatch3.2

fenrirgraniMatch3.5

fenrirgraniMatch4.0

fenrirgraniMatch4.1

fenrirgraniMatch4.2

References

jvn.jp/en/jp/JVN89272705/index.html

jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html

www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html

www.fenrir.co.jp/grani/note.html

exchange.xforce.ibmcloud.com/vulnerabilities/64435

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2010-3164

prion1 jvn1 cve1 cvelist1