Refine your search
9 vulnerabilities found for Sleipnir by Fenrir Inc.
jvndb-2016-000242
Vulnerability from jvndb
Published
2016-12-07 14:44
Modified
2018-01-17 11:48
Severity ?
Summary
Sleipnir for Mac vulnerable to URL spoofing
Details
Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition.
Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000242.html",
"dc:date": "2018-01-17T11:48+09:00",
"dcterms:issued": "2016-12-07T14:44+09:00",
"dcterms:modified": "2018-01-17T11:48+09:00",
"description": "Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition.\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000242.html",
"sec:cpe": {
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
"sec:cvss": [
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
{
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2016-000242",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN28151745/index.html",
"@id": "JVN#28151745",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7831",
"@id": "CVE-2016-7831",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7831",
"@id": "CVE-2016-7831",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Sleipnir for Mac vulnerable to URL spoofing"
}
jvndb-2013-000032
Vulnerability from jvndb
Published
2013-04-11 14:14
Modified
2013-04-11 14:14
Summary
Sleipnir for Windows vulnerable to address bar spoofing
Details
Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed.
Keita Haga of keitahaga.com reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000032.html",
"dc:date": "2013-04-11T14:14+09:00",
"dcterms:issued": "2013-04-11T14:14+09:00",
"dcterms:modified": "2013-04-11T14:14+09:00",
"description": "Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed.\r\n\r\nKeita Haga of keitahaga.com reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000032.html",
"sec:cpe": {
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000032",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN65034198/index.html",
"@id": "JVN#65034198",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2303",
"@id": "CVE-2013-2303",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2303",
"@id": "CVE-2013-2303",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
}
],
"title": "Sleipnir for Windows vulnerable to address bar spoofing"
}
jvndb-2010-000057
Vulnerability from jvndb
Published
2010-12-01 20:27
Modified
2010-12-01 20:27
Summary
Clipboard contents alteration vulnerability in Sleipnir
Details
Sleipnir contains a vulnerability in which the contents of the clipboard may be altered.
Sleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the contents of the clipboard may be read or written from a website.
According to the developer, users who are using the version 2.9.6 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html",
"dc:date": "2010-12-01T20:27+09:00",
"dcterms:issued": "2010-12-01T20:27+09:00",
"dcterms:modified": "2010-12-01T20:27+09:00",
"description": "Sleipnir contains a vulnerability in which the contents of the clipboard may be altered.\r\n\r\nSleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the contents of the clipboard may be read or written from a website.\r\n\r\nAccording to the developer, users who are using the version 2.9.6 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html",
"sec:cpe": {
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000057",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN64764004/index.html",
"@id": "JVN#64764004",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3918",
"@id": "CVE-2010-3918",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3918",
"@id": "CVE-2010-3918",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/42427",
"@id": "SA42427",
"@source": "SECUNIA"
},
{
"#text": "http://osvdb.org/69604",
"@id": "69604",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Clipboard contents alteration vulnerability in Sleipnir"
}
jvndb-2010-000048
Vulnerability from jvndb
Published
2010-10-25 17:43
Modified
2010-10-25 17:43
Summary
Sleipnir and Grani may insecurely load executable files
Details
Sleipnir and Grani may use unsafe methods for determining how to load executables (.exe).
Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables.
Makoto Shiotsuki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html",
"dc:date": "2010-10-25T17:43+09:00",
"dcterms:issued": "2010-10-25T17:43+09:00",
"dcterms:modified": "2010-10-25T17:43+09:00",
"description": "Sleipnir and Grani may use unsafe methods for determining how to load executables (.exe).\r\n\r\nSleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.1",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000048",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN89272705/index.html",
"@id": "JVN#89272705",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/tr/JVNTR-2010-23",
"@id": "JVNTR-2010-23",
"@source": "JVNTR"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3164",
"@id": "CVE-2010-3164",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3164",
"@id": "CVE-2010-3164",
"@source": "NVD"
},
{
"#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
"@id": "TA10-238A",
"@source": "CERT-TA"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Sleipnir and Grani may insecurely load executable files"
}
jvndb-2010-000047
Vulnerability from jvndb
Published
2010-10-25 17:42
Modified
2010-10-25 17:42
Summary
Sleipnir and Grani may insecurely load dynamic libraries
Details
Sleipnir and Grani may use unsafe methods for determining how to load DLLs.
Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.
Makoto Shiotsuki reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000047.html",
"dc:date": "2010-10-25T17:42+09:00",
"dcterms:issued": "2010-10-25T17:42+09:00",
"dcterms:modified": "2010-10-25T17:42+09:00",
"description": "Sleipnir and Grani may use unsafe methods for determining how to load DLLs.\r\n\r\nSleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL\u0027s when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000047.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000047",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN50610528/index.html",
"@id": "JVN#50610528",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/tr/JVNTR-2010-23",
"@id": "JVNTR-2010-23",
"@source": "JVNTR"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3163",
"@id": "CVE-2010-3163",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3163",
"@id": "CVE-2010-3163",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201010_Sleipnir_en.html",
"@id": "Security Alert for Vulnerability in Sleipnir and Grani",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://www.kb.cert.org/vuls/id/707943",
"@id": "VU#707943",
"@source": "CERT-VN"
},
{
"#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
"@id": "TA10-238A",
"@source": "CERT-TA"
}
],
"title": "Sleipnir and Grani may insecurely load dynamic libraries"
}
jvndb-2008-000029
Vulnerability from jvndb
Published
2008-06-10 13:59
Modified
2008-06-10 13:59
Summary
Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history
Details
Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history.
Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user's web browser when the search results are restored from history.
Shuya Ueki reported this vulnerability to IPA.
JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
"dc:date": "2008-06-10T13:59+09:00",
"dcterms:issued": "2008-06-10T13:59+09:00",
"dcterms:modified": "2008-06-10T13:59+09:00",
"description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user\u0027s web browser when the search results are restored from history.\r\n\r\nShuya Ueki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-000029",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN25448394/index.html",
"@id": "JVN#25448394",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2567",
"@id": "CVE-2008-2567",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2567",
"@id": "CVE-2008-2567",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/30487",
"@id": "SA30487",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/29555",
"@id": "29555",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/42827",
"@id": "42827",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history"
}
jvndb-2007-000093
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
Details
Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir:darksky_rss_bar",
"@product": "RSS Bar",
"@vendor": "Darksky",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000093",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
"@id": "JVN#93700808",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0705",
"@id": "CVE-2007-0705",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0705",
"@id": "CVE-2007-0705",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/23927/",
"@id": "SA23927",
"@source": "SECUNIA"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/0364",
"@id": "FrSIRT/ADV-2007-0364",
"@source": "FRSIRT"
}
],
"title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
}
jvndb-2007-000804
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution
Details
Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script.
Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user's web browser when the search result is displayed.
References
| Type | URL | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user\u0027s web browser when the search result is displayed.",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:grani",
"@product": "Grani",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000804",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN65427327/index.html",
"@id": "JVN#65427327",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6002",
"@id": "CVE-2007-6002",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6002",
"@id": "CVE-2007-6002",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/27655",
"@id": "SA27655",
"@source": "SECUNIA"
},
{
"#text": "http://secunia.com/advisories/27675",
"@id": "SA27675",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/26418",
"@id": "26418",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/38441",
"@id": "38441",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution"
}
jvndb-2007-000091
Vulnerability from jvndb
Published
2008-05-21 00:00
Modified
2008-05-21 00:00
Summary
Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
Details
Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
"dc:date": "2008-05-21T00:00+09:00",
"dcterms:issued": "2008-05-21T00:00+09:00",
"dcterms:modified": "2008-05-21T00:00+09:00",
"description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
"link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
"sec:cpe": [
{
"#text": "cpe:/a:fenrir-inc:portable_sleipnir",
"@product": "Portable Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir-inc:sleipnir",
"@product": "Sleipnir",
"@vendor": "Fenrir Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:fenrir:darksky_rss_bar",
"@product": "RSS Bar",
"@vendor": "Darksky",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2007-000091",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
"@id": "JVN#93700808",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0706",
"@id": "CVE-2007-0706",
"@source": "CVE"
},
{
"#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0706",
"@id": "CVE-2007-0706",
"@source": "NVD"
},
{
"#text": "http://www.frsirt.com/english/advisories/2007/0365",
"@id": "FrSIRT/ADV-2007-0365",
"@source": "FRSIRT"
}
],
"title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
}