Search criteria
3 vulnerabilities found for portable_sleipnir by fenrir
FKIE_CVE-2007-0705
Vulnerability from fkie_nvd - Published: 2007-02-04 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fenrir | portable_sleipnir | * | |
| fenrir | sleipnir | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fenrir:portable_sleipnir:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3763C8EF-BB59-4938-9964-498ADEE40A00",
"versionEndIncluding": "2.45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fenrir:sleipnir:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E0E67AA7-1661-4BB2-A22A-68666E933E5D",
"versionEndIncluding": "2.49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de zona en Sleipnir 2.49 y anteriores, y Portable Sleipnir 2.45 y anteriores, permite a atacantes remotos evitar restricciones de zonas de contenidos Web mediante cierto script contenido en informaci\u00f3n RSS. NOTA: algunos de estos detalles han sido obtenidos \u00fanicamente de informaci\u00f3n de terceros."
}
],
"id": "CVE-2007-0705",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-04T00:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32977"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/23927"
},
{
"source": "cve@mitre.org",
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32977"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/23927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/0364"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-0705 (GCVE-0-2007-0705)
Vulnerability from cvelistv5 – Published: 2007-02-04 00:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0364",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0364",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23927"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0364",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"name": "http://www.fenrir.co.jp/press/20070126_2.html",
"refsource": "MISC",
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"name": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"refsource": "OSVDB",
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23927"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0705",
"datePublished": "2007-02-04T00:00:00",
"dateReserved": "2007-02-03T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0705 (GCVE-0-2007-0705)
Vulnerability from nvd – Published: 2007-02-04 00:00 – Updated: 2024-08-07 12:26
VLAI?
Summary
Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2007-0364",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23927"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-11-11T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2007-0364",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23927"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0705",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-zone scripting vulnerability in Sleipnir 2.49 and earlier, and Portable Sleipnir 2.45 and earlier, allows remote attackers to bypass Web content zone restrictions via certain script contained in RSS data. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2007-0364",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0364"
},
{
"name": "http://www.fenrir.co.jp/press/20070126_2.html",
"refsource": "MISC",
"url": "http://www.fenrir.co.jp/press/20070126_2.html"
},
{
"name": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html",
"refsource": "MISC",
"url": "http://www.ipa.go.jp/security/vuln/documents/2006/JVN_93700808.html"
},
{
"name": "JVN#93700808",
"refsource": "JVN",
"url": "http://jvn.jp/jp/JVN%2393700808/index.html"
},
{
"name": "32977",
"refsource": "OSVDB",
"url": "http://osvdb.org/32977"
},
{
"name": "23927",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23927"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0705",
"datePublished": "2007-02-04T00:00:00",
"dateReserved": "2007-02-03T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}