2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2010-3164" ,
"sourceIdentifier" : "vultures@jpcert.or.jp" ,
"published" : "2010-10-25T20:01:03.580" ,
2024-11-22 11:14:00 +00:00
"lastModified" : "2024-11-21T01:18:10.547" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de ruta de b\u00fasqueda no confiable en Fenrir Sleipnir v2.9.4 y anteriores y Grani v4.3 y anteriores permite a usuarios locales obtener privilegios a trav\u00e9s de un troyano que est\u00e1 ubicado en la carpeta actual de trabajo.\r\n"
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:M/Au:N/C:C/I:C/A:C" ,
2024-11-22 11:14:00 +00:00
"baseScore" : 6.9 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "LOCAL" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "COMPLETE" ,
"integrityImpact" : "COMPLETE" ,
2024-11-22 11:14:00 +00:00
"availabilityImpact" : "COMPLETE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 3.4 ,
"impactScore" : 10.0 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : true
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-Other"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "2.9.4" ,
"matchCriteriaId" : "BF224000-FC60-48B5-A80A-2E52DBFA9C67"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E7AE3589-EF1F-4906-BD9F-79B48F02605C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2D795C76-C0B8-4D70-A39E-557D0490CA6C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "98C7A96D-80A8-488C-941B-43CF3CFF5CB6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F1CECD6F-041F-433E-BD1B-8B83A896E1DD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC806925-0EBC-4A62-9CA2-C06A9464CABA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2BFB259A-0A01-41C0-957B-F1BFEBBC4621"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3D6A1E2-CA52-4AB5-B4D2-D9D880B2ABD4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "29D748E1-B31E-4B4A-8F6C-FED7C6682020"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62E0F7F6-35AD-4BA0-ABB4-CA4AF9B2280B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6283AF14-DF4C-4D6B-92A4-486BD1B1E23D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DD31D8D0-FC9D-46D8-8107-4432AC38CB7A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EF05E82F-D4E7-4D5F-915B-862261EE75D1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6566B45F-EE80-41DE-9148-76324F3ED3C1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "43927247-83B1-4000-900F-90D4BC17EE3C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.14:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5268078F-6127-4107-B916-83FFAE448A77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.15:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D01FCBA7-B144-4879-A4CB-8C7EE2A46E65"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.16:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "43813DF8-D463-40B8-8D69-13398C0D9B9E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.5.17:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BE63C7D1-2701-48F8-8C30-0F474E25FC12"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E7A21B8B-677F-4F79-8E15-B68F8B926EA3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "092C6BAD-12EF-42C2-AB6D-7549AEB7B2CB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9CEE9AB5-F7C2-4D5D-AFFF-CDE91EF347A1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49C2C651-3F69-4C17-AA56-D9E141FCF053"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E2D0DC71-F8B9-4BE1-9462-948E610B6C47"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.7.1:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "BB631A4F-AB11-4426-98B8-2398CD7EB82E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C80ADAAA-64CC-42A4-B8E6-A951C7473B17"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BED96F34-CCA5-4056-BFF6-817468EA2187"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.8.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "16B52778-D697-463F-9252-1B1D3C0D975E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.8.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1835F518-7065-41FA-9659-0898B9620B9A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.8.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "193A1B10-1C5B-4933-8C22-1AD5C739E358"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.8.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F5BD044-859A-439B-B5E3-107D9252C7F6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C4D82F84-D15D-4034-9AD2-5E42D7A9CF4A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.9.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1D9F85EE-F47C-4291-A162-091B565826CA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.9.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1233AF74-35EC-45C3-A4ED-9B364D4FB401"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:sleipnir:2.9.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "96EB8FCA-C7EC-4BEA-B91B-F80FA4E78A2A"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:*:*:*:*:*:*:*:*" ,
"versionEndIncluding" : "4.3" ,
"matchCriteriaId" : "50B4E2F7-5B2D-4174-9E7B-7EA5BA7E2AC8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:3.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E28BA839-EBCA-461A-AE44-2CFBBE006341"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:3.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B0418CF-47E2-4C32-93C1-36EA37833CF1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:3.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D2A9ACA9-3D93-4C8C-85F2-8E977ACAD8BA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:3.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "46CBC2EB-1D53-4ADA-97EA-81D8C67EFC90"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:4.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "439C0D2A-DA16-426F-8EF8-AA71B6158CE0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:4.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8F26FDE1-515D-434A-A68E-0F0055685EC7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:fenrir:grani:4.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A88A00FB-3224-4CBB-B358-F58E4B8F89FB"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://jvn.jp/en/jp/JVN89272705/index.html" ,
"source" : "vultures@jpcert.or.jp"
} ,
{
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html" ,
"source" : "vultures@jpcert.or.jp"
} ,
{
"url" : "http://www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html" ,
"source" : "vultures@jpcert.or.jp" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.fenrir.co.jp/grani/note.html" ,
"source" : "vultures@jpcert.or.jp" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64435" ,
"source" : "vultures@jpcert.or.jp"
2024-11-22 11:14:00 +00:00
} ,
{
"url" : "http://jvn.jp/en/jp/JVN89272705/index.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.fenrir.co.jp/blog/2010/10/sleipnirsleipnir_295.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "http://www.fenrir.co.jp/grani/note.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/64435" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
2024-11-22 11:14:00 +00:00
] ,
"evaluatorComment" : "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'"
2023-04-24 12:24:31 +02:00
}
