Refine your search
4 vulnerabilities found for Portable Sleipnir by Fenrir Inc.
jvndb-2008-000029
Vulnerability from jvndb
Published
2008-06-10 13:59
Modified
2008-06-10 13:59
Summary
Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history
Details
Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history.
Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user's web browser when the search results are restored from history.
Shuya Ueki reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
"dc:date": "2008-06-10T13:59+09:00",
"dcterms:issued": "2008-06-10T13:59+09:00",
"dcterms:modified": "2008-06-10T13:59+09:00",
"description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user\u0027s web browser when the search results are restored from history.\r\n\r\nShuya Ueki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000029",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN25448394/index.html",
"@id": "JVN#25448394",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2567",
"@id": "CVE-2008-2567",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2567",
"@id": "CVE-2008-2567",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/30487",
"@id": "SA30487",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/29555",
"@id": "29555",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/42827",
"@id": "42827",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history"
}
jvndb-2007-000804
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution
Details
Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script.
Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user's web browser when the search result is displayed.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user\u0027s web browser when the search result is displayed.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000804",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN65427327/index.html",
"@id": "JVN#65427327",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6002",
"@id": "CVE-2007-6002",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6002",
"@id": "CVE-2007-6002",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27655",
"@id": "SA27655",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/27675",
"@id": "SA27675",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26418",
"@id": "26418",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/38441",
"@id": "38441",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution"
}
jvndb-2007-000091
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
Details
Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir:darksky_rss_bar",
"@product": "RSS Bar",
"@vendor": "Darksky",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000091",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
"@id": "JVN#93700808",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0706",
"@id": "CVE-2007-0706",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0706",
"@id": "CVE-2007-0706",
"@source": "NVD"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/0365",
"@id": "FrSIRT/ADV-2007-0365",
"@source": "FRSIRT"
}
],
"title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
}
jvndb-2007-000093
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
Details
Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir:darksky_rss_bar",
"@product": "RSS Bar",
"@vendor": "Darksky",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000093",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
"@id": "JVN#93700808",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0705",
"@id": "CVE-2007-0705",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0705",
"@id": "CVE-2007-0705",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/23927/",
"@id": "SA23927",
"@source": "SECUNIA"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/0364",
"@id": "FrSIRT/ADV-2007-0364",
"@source": "FRSIRT"
}
],
"title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
}