Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    19 vulnerabilities by Fenrir Inc.

    CVE-2016-7831 (GCVE-0-2016-7831)

    Vulnerability from nvd – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.
    Severity
    No CVSS data available.
    CWE
    • User Interface (UI) Misrepresentation of Information
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94830 vdb-entryx_refsource_BID
    https://jvn.jp/en/jp/JVN28151745/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Date Public
    2016-12-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.180Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94830",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94830"
              },
              {
                "name": "JVN#28151745",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sleipnir 4 Black Edition for Mac",
              "vendor": "Fenrir Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.3 and earlier"
                }
              ]
            },
            {
              "product": "Sleipnir 4 for Mac",
              "vendor": "Fenrir Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.3 and earlier (Mac App Store)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "User Interface (UI) Misrepresentation of Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "94830",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94830"
            },
            {
              "name": "JVN#28151745",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7831",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sleipnir 4 Black Edition for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.3 and earlier"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Sleipnir 4 for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.3 and earlier (Mac App Store)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fenrir Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "User Interface (UI) Misrepresentation of Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94830",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94830"
                },
                {
                  "name": "JVN#28151745",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7831",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-7831 (GCVE-0-2016-7831)

    Vulnerability from cvelistv5 – Published: 2017-06-09 16:00 – Updated: 2024-08-06 02:04
    VLAI
    Summary
    Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage.
    Severity
    No CVSS data available.
    CWE
    • User Interface (UI) Misrepresentation of Information
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/94830 vdb-entryx_refsource_BID
    https://jvn.jp/en/jp/JVN28151745/index.html third-party-advisoryx_refsource_JVN
    Impacted products
    Date Public
    2016-12-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:04:56.180Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94830",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94830"
              },
              {
                "name": "JVN#28151745",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sleipnir 4 Black Edition for Mac",
              "vendor": "Fenrir Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.3 and earlier"
                }
              ]
            },
            {
              "product": "Sleipnir 4 for Mac",
              "vendor": "Fenrir Inc.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.5.3 and earlier (Mac App Store)"
                }
              ]
            }
          ],
          "datePublic": "2016-12-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "User Interface (UI) Misrepresentation of Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-06-12T09:57:01.000Z",
            "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
            "shortName": "jpcert"
          },
          "references": [
            {
              "name": "94830",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94830"
            },
            {
              "name": "JVN#28151745",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "vultures@jpcert.or.jp",
              "ID": "CVE-2016-7831",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Sleipnir 4 Black Edition for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.3 and earlier"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Sleipnir 4 for Mac",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "4.5.3 and earlier (Mac App Store)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Fenrir Inc."
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Sleipnir 4 Black Edition for Mac 4.5.3 and earlier and Sleipnir 4 for Mac 4.5.3 and earlier (Mac App Store) may allow a remote attacker to spoof the URL display via a specially crafted webpage."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "User Interface (UI) Misrepresentation of Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94830",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94830"
                },
                {
                  "name": "JVN#28151745",
                  "refsource": "JVN",
                  "url": "https://jvn.jp/en/jp/JVN28151745/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
        "assignerShortName": "jpcert",
        "cveId": "CVE-2016-7831",
        "datePublished": "2017-06-09T16:00:00.000Z",
        "dateReserved": "2016-09-09T00:00:00.000Z",
        "dateUpdated": "2024-08-06T02:04:56.180Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    JVNDB-2016-000242

    Vulnerability from jvndb - Published: 2016-12-07 14:44 - Updated:2018-01-17 11:48
    Severity
    Summary
    Sleipnir for Mac vulnerable to URL spoofing
    Details
    Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000242.html",
      "dc:date": "2018-01-17T11:48+09:00",
      "dcterms:issued": "2016-12-07T14:44+09:00",
      "dcterms:modified": "2018-01-17T11:48+09:00",
      "description": "Sleipnir for Mac provided by Fenrir Inc. contains a URL spoofing vulnerability due to a flaw in the page transition.\r\n\r\nYuji Tounai of NTT Communications Corporation reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000242.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir",
        "@product": "Sleipnir",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": [
        {
          "@score": "4.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "@version": "2.0"
        },
        {
          "@score": "4.3",
          "@severity": "Medium",
          "@type": "Base",
          "@vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "@version": "3.0"
        }
      ],
      "sec:identifier": "JVNDB-2016-000242",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN28151745/index.html",
          "@id": "JVN#28151745",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7831",
          "@id": "CVE-2016-7831",
          "@source": "CVE"
        },
        {
          "#text": "https://nvd.nist.gov/vuln/detail/CVE-2016-7831",
          "@id": "CVE-2016-7831",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sleipnir for Mac vulnerable to URL spoofing"
    }

    JVNDB-2014-000007

    Vulnerability from jvndb - Published: 2014-01-22 15:29 - Updated:2014-01-27 09:47
    Severity
    N/A (UNKNOWN) - -
    Summary
    Information disclosure vulnerability in Sleipnir Mobile for Android
    Details
    Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user's location. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user's location. Ryoji Tamura reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000007.html",
      "dc:date": "2014-01-27T09:47+09:00",
      "dcterms:issued": "2014-01-22T15:29+09:00",
      "dcterms:modified": "2014-01-27T09:47+09:00",
      "description": "Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user\u0027s location.\r\n\r\nSleipnir Mobile for Android is a web browser for Android devices.  Sleipnir Mobile for Android contains an issue in handling Geolocation API, which may result in the disclosure of a user\u0027s location.\r\n\r\nRyoji Tamura reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2014/JVNDB-2014-000007.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2014-000007",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN81637882/index.html",
          "@id": "JVN#81637882",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0806",
          "@id": "CVE-2014-0806",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0806",
          "@id": "CVE-2014-0806",
          "@source": "NVD"
        },
        {
          "#text": "http://www.w3.org/TR/geolocation-API/#privacy_for_uas",
          "@id": "W3C - Geolocation API Specification",
          "@source": "Related Information"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Information disclosure vulnerability in Sleipnir Mobile for Android"
    }

    JVNDB-2013-000046

    Vulnerability from jvndb - Published: 2013-05-29 15:19 - Updated:2013-05-29 15:19
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir Mobile for Android vulnerable to address bar spoofing
    Details
    Sleipnir Mobile for Android contains an issue when opening a new window, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000046.html",
      "dc:date": "2013-05-29T15:19+09:00",
      "dcterms:issued": "2013-05-29T15:19+09:00",
      "dcterms:modified": "2013-05-29T15:19+09:00",
      "description": "Sleipnir Mobile for Android contains an issue when opening a new window, which may result in the address bar being spoofed.\r\n\r\nKeita Haga of keitahaga.com reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000046.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000046",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN22756333/index.html",
          "@id": "JVN#22756333",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2317",
          "@id": "CVE-2013-2317",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2317",
          "@id": "CVE-2013-2317",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sleipnir Mobile for Android vulnerable to address bar spoofing"
    }

    JVNDB-2013-000033

    Vulnerability from jvndb - Published: 2013-04-12 12:41 - Updated:2013-04-12 12:41
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir Mobile for Android loads arbitrary Extension API
    Details
    Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API. Sleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000033.html",
      "dc:date": "2013-04-12T12:41+09:00",
      "dcterms:issued": "2013-04-12T12:41+09:00",
      "dcterms:modified": "2013-04-12T12:41+09:00",
      "description": "Sleipnir Mobile for Android has an Extension mechanism to customize browser functions, and this Extension function makes calls to an Extension API.\r\nSleipnir Mobile for Android contains an issue that may allow a specially crafted web page to load an arbitrary Extension API.\r\n\r\nKeita Haga of keitahaga.com reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000033.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000033",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN02895867/index.html",
          "@id": "JVN#02895867",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2304",
          "@id": "CVE-2013-2304",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2304",
          "@id": "CVE-2013-2304",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-264",
          "@title": "Permissions(CWE-264)"
        }
      ],
      "title": "Sleipnir Mobile for Android loads arbitrary Extension API"
    }

    JVNDB-2013-000032

    Vulnerability from jvndb - Published: 2013-04-11 14:14 - Updated:2013-04-11 14:14
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir for Windows vulnerable to address bar spoofing
    Details
    Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed. Keita Haga of keitahaga.com reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000032.html",
      "dc:date": "2013-04-11T14:14+09:00",
      "dcterms:issued": "2013-04-11T14:14+09:00",
      "dcterms:modified": "2013-04-11T14:14+09:00",
      "description": "Sleipnir for Windows contains an issue in displaying colors and the padlock icon on the address bar, which may result in the address bar being spoofed.\r\n\r\nKeita Haga of keitahaga.com reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000032.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir",
        "@product": "Sleipnir",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.3",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2013-000032",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN65034198/index.html",
          "@id": "JVN#65034198",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2303",
          "@id": "CVE-2013-2303",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2303",
          "@id": "CVE-2013-2303",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-noinfo",
          "@title": "No Mapping(CWE-noinfo)"
        }
      ],
      "title": "Sleipnir for Windows vulnerable to address bar spoofing"
    }

    JVNDB-2012-000076

    Vulnerability from jvndb - Published: 2012-08-08 14:43 - Updated:2012-08-08 14:43
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir Mobile for Android vulnerable to arbitrary script execution
    Details
    Sleipnir Mobile for Android contains an arbitrary script execution vulnerability. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary script execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000076.html",
      "dc:date": "2012-08-08T14:43+09:00",
      "dcterms:issued": "2012-08-08T14:43+09:00",
      "dcterms:modified": "2012-08-08T14:43+09:00",
      "description": "Sleipnir Mobile for Android contains an arbitrary script execution vulnerability.\r\n\r\nSleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary script execution vulnerability.\r\n\r\nGaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000076.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "4.0",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2012-000076",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN39519659/index.html",
          "@id": "JVN#39519659",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4004",
          "@id": "CVE-2012-4004",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4004",
          "@id": "CVE-2012-4004",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sleipnir Mobile for Android vulnerable to arbitrary script execution"
    }

    JVNDB-2012-000075

    Vulnerability from jvndb - Published: 2012-08-08 14:39 - Updated:2012-08-08 14:39
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir Mobile for Android vulnerable to arbitrary Java method execution
    Details
    Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000075.html",
      "dc:date": "2012-08-08T14:39+09:00",
      "dcterms:issued": "2012-08-08T14:39+09:00",
      "dcterms:modified": "2012-08-08T14:39+09:00",
      "description": "Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability.\r\n\r\nSleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains an arbitrary Java method execution vulnerability.\r\n\r\nGaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000075.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2012-000075",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN99730704/index.html",
          "@id": "JVN#99730704",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2649",
          "@id": "CVE-2012-2649",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2649",
          "@id": "CVE-2012-2649",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-DesignError",
          "@title": "No Mapping(CWE-DesignError)"
        }
      ],
      "title": "Sleipnir Mobile for Android vulnerable to arbitrary Java method execution"
    }

    JVNDB-2012-000071

    Vulnerability from jvndb - Published: 2012-07-24 14:05 - Updated:2012-07-24 14:05
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir Mobile for Android vulnerable in the WebView class
    Details
    Sleipnir Mobile for Android contains a vulnerability in the WebView class. Sleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class. Gaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000071.html",
      "dc:date": "2012-07-24T14:05+09:00",
      "dcterms:issued": "2012-07-24T14:05+09:00",
      "dcterms:modified": "2012-07-24T14:05+09:00",
      "description": "Sleipnir Mobile for Android contains a vulnerability in the WebView class.\r\n\r\nSleipnir Mobile for Android is a web browser for Android devices. Sleipnir Mobile for Android contains a vulnerability in the WebView class.\r\n\r\nGaku Mochizuki of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000071.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir_mobile",
        "@product": "Sleipnir Mobile",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2012-000071",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN88643450/index.html",
          "@id": "JVN#88643450",
          "@source": "JVN"
        },
        {
          "#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2646",
          "@id": "CVE-2012-2646",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2646",
          "@id": "CVE-2012-2646",
          "@source": "NVD"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sleipnir Mobile for Android vulnerable in the WebView class"
    }

    JVNDB-2010-000058

    Vulnerability from jvndb - Published: 2010-12-01 20:27 - Updated:2010-12-01 20:27
    Severity
    N/A (UNKNOWN) - -
    Summary
    Clipboard contents alteration vulnerability in Grani
    Details
    Grani contains a vulnerability in which the contents of the clipboard may be altered. Grani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the clipboard may be read or written from a website. According to the developer, users who are using the version 4.5 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000058.html",
      "dc:date": "2010-12-01T20:27+09:00",
      "dcterms:issued": "2010-12-01T20:27+09:00",
      "dcterms:modified": "2010-12-01T20:27+09:00",
      "description": "Grani contains a vulnerability in which the contents of the clipboard may be altered.\r\n\r\nGrani, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Grani is being used under certain settings, the contents of the clipboard may be read or written from a website.\r\n\r\nAccording to the developer, users who are using the version 4.5 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000058.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:grani",
        "@product": "Grani",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2010-000058",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN76662040/index.html",
          "@id": "JVN#76662040",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3919",
          "@id": "CVE-2010-3919",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3919",
          "@id": "CVE-2010-3919",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/42428",
          "@id": "SA42428",
          "@source": "SECUNIA"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Clipboard contents alteration vulnerability in Grani"
    }

    JVNDB-2010-000057

    Vulnerability from jvndb - Published: 2010-12-01 20:27 - Updated:2010-12-01 20:27
    Severity
    N/A (UNKNOWN) - -
    Summary
    Clipboard contents alteration vulnerability in Sleipnir
    Details
    Sleipnir contains a vulnerability in which the contents of the clipboard may be altered. Sleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the contents of the clipboard may be read or written from a website. According to the developer, users who are using the version 2.9.6 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html",
      "dc:date": "2010-12-01T20:27+09:00",
      "dcterms:issued": "2010-12-01T20:27+09:00",
      "dcterms:modified": "2010-12-01T20:27+09:00",
      "description": "Sleipnir contains a vulnerability in which the contents of the clipboard may be altered.\r\n\r\nSleipnir, a web browser provided by Fenrir, contains a vulnerability in which the contents of the clipboard may be altered. As a result, when Sleipnir is being used under certain settings, the contents of the clipboard may be read or written from a website.\r\n\r\nAccording to the developer, users who are using the version 2.9.6 that was released prior to November 25, 2010 at 3pm (Japan Time) with the default settings are affected by this vulnerability.",
      "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000057.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:sleipnir",
        "@product": "Sleipnir",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "5.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2010-000057",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN64764004/index.html",
          "@id": "JVN#64764004",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3918",
          "@id": "CVE-2010-3918",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3918",
          "@id": "CVE-2010-3918",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/42427",
          "@id": "SA42427",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://osvdb.org/69604",
          "@id": "69604",
          "@source": "OSVDB"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Clipboard contents alteration vulnerability in Sleipnir"
    }

    JVNDB-2010-000048

    Vulnerability from jvndb - Published: 2010-10-25 17:43 - Updated:2010-10-25 17:43
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir and Grani may insecurely load executable files
    Details
    Sleipnir and Grani may use unsafe methods for determining how to load executables (.exe). Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html",
      "dc:date": "2010-10-25T17:43+09:00",
      "dcterms:issued": "2010-10-25T17:43+09:00",
      "dcterms:modified": "2010-10-25T17:43+09:00",
      "description": "Sleipnir and Grani may use unsafe methods for determining how to load executables (.exe).\r\n\r\nSleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani load certain executables when displaying the source code of the HTML file currently being viewed. Sleipnir and Grani contain an issue with the file search path, which may insecurely load executables.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000048.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:grani",
          "@product": "Grani",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "5.1",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2010-000048",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN89272705/index.html",
          "@id": "JVN#89272705",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2010-23",
          "@id": "JVNTR-2010-23",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3164",
          "@id": "CVE-2010-3164",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3164",
          "@id": "CVE-2010-3164",
          "@source": "NVD"
        },
        {
          "#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
          "@id": "TA10-238A",
          "@source": "CERT-TA"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Sleipnir and Grani may insecurely load executable files"
    }

    JVNDB-2010-000047

    Vulnerability from jvndb - Published: 2010-10-25 17:42 - Updated:2010-10-25 17:42
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir and Grani may insecurely load dynamic libraries
    Details
    Sleipnir and Grani may use unsafe methods for determining how to load DLLs. Sleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL's when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries. Makoto Shiotsuki reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000047.html",
      "dc:date": "2010-10-25T17:42+09:00",
      "dcterms:issued": "2010-10-25T17:42+09:00",
      "dcterms:modified": "2010-10-25T17:42+09:00",
      "description": "Sleipnir and Grani may use unsafe methods for determining how to load DLLs.\r\n\r\nSleipnir and Grani provided by Fenrir are web browsers. Sleipnir and Grani loads certain DLL\u0027s when HTML files are opened. Sleipnir and Grani contain an issue with the DLL search path, which may lead to insecurely loading dynamic libraries.\r\n\r\nMakoto Shiotsuki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000047.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:grani",
          "@product": "Grani",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2010-000047",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN50610528/index.html",
          "@id": "JVN#50610528",
          "@source": "JVN"
        },
        {
          "#text": "https://jvn.jp/en/tr/JVNTR-2010-23",
          "@id": "JVNTR-2010-23",
          "@source": "JVNTR"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3163",
          "@id": "CVE-2010-3163",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3163",
          "@id": "CVE-2010-3163",
          "@source": "NVD"
        },
        {
          "#text": "http://www.ipa.go.jp/security/english/vuln/201010_Sleipnir_en.html",
          "@id": "Security Alert for Vulnerability in Sleipnir and Grani",
          "@source": "IPA SECURITY ALERTS"
        },
        {
          "#text": "http://www.kb.cert.org/vuls/id/707943",
          "@id": "VU#707943",
          "@source": "CERT-VN"
        },
        {
          "#text": "http://www.us-cert.gov/cas/techalerts/TA10-238A.html",
          "@id": "TA10-238A",
          "@source": "CERT-TA"
        }
      ],
      "title": "Sleipnir and Grani may insecurely load dynamic libraries"
    }

    JVNDB-2010-000025

    Vulnerability from jvndb - Published: 2010-06-17 19:50 - Updated:2010-06-17 19:50
    Severity
    N/A (UNKNOWN) - -
    Summary
    Multiple vulnerabilities in ActiveGeckoBrowser
    Details
    ActiveGeckoBrowser from Fenrir Inc. contains multiple vulnerabilities. ActiveGeckoBrowser from Fenrir Inc. is a plugin that adds the Gecko rendering engine to the Sleipnir web browser. ActiveGeckoBrowser contains multiple vulnerabilities caused by the Gecko engine.
    Impacted products
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000025.html",
      "dc:date": "2010-06-17T19:50+09:00",
      "dcterms:issued": "2010-06-17T19:50+09:00",
      "dcterms:modified": "2010-06-17T19:50+09:00",
      "description": "ActiveGeckoBrowser from Fenrir Inc. contains multiple vulnerabilities.\r\n\r\nActiveGeckoBrowser from Fenrir Inc. is a plugin that adds the Gecko rendering engine to the Sleipnir web browser. ActiveGeckoBrowser contains multiple vulnerabilities caused by the Gecko engine.",
      "link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000025.html",
      "sec:cpe": {
        "#text": "cpe:/a:fenrir-inc:activegeckobrowser",
        "@product": "ActiveGeckoBrowser",
        "@vendor": "Fenrir Inc.",
        "@version": "2.2"
      },
      "sec:cvss": {
        "@score": "6.8",
        "@severity": "Medium",
        "@type": "Base",
        "@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2010-000025",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN67120749/index.html",
          "@id": "JVN#67120749",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2420",
          "@id": "CVE-2010-2420",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2420",
          "@id": "CVE-2010-2420",
          "@source": "NVD"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/59493",
          "@id": "59493",
          "@source": "XF"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-Other",
          "@title": "No Mapping(CWE-Other)"
        }
      ],
      "title": "Multiple vulnerabilities in ActiveGeckoBrowser"
    }

    JVNDB-2008-000029

    Vulnerability from jvndb - Published: 2008-06-10 13:59 - Updated:2008-06-10 13:59
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history
    Details
    Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history. Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user's web browser when the search results are restored from history. Shuya Ueki reported this vulnerability to IPA. JPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
      "dc:date": "2008-06-10T13:59+09:00",
      "dcterms:issued": "2008-06-10T13:59+09:00",
      "dcterms:modified": "2008-06-10T13:59+09:00",
      "description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script when search results are restored from history.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted string is used in a search, an arbitrary script may be executed on the user\u0027s web browser when the search results are restored from history.\r\n\r\nShuya Ueki reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the vendors under Information Security Early Warning Partnership.",
      "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-000029.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:grani",
          "@product": "Grani",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:portable_sleipnir",
          "@product": "Portable Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2008-000029",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN25448394/index.html",
          "@id": "JVN#25448394",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2567",
          "@id": "CVE-2008-2567",
          "@source": "CVE"
        },
        {
          "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-2567",
          "@id": "CVE-2008-2567",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/30487",
          "@id": "SA30487",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/29555",
          "@id": "29555",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/42827",
          "@id": "42827",
          "@source": "XF"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Sleipnir and Grani vulnerable to arbitrary script execution when Bookmark search results are restored from history"
    }

    JVNDB-2007-000804

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution
    Details
    Sleipnir and Grani, web browsers from Fenrir & Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script. Sleipnir and Grani, web browsers from Fenrir & Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user's web browser when the search result is displayed.
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sleipnir and Grani, web browsers from Fenrir \u0026 Co., contain a vulnerability in the bookmark search function that allows an attacker to execute an arbitrary script.\r\n\r\nSleipnir and Grani, web browsers from Fenrir \u0026 Co., have a bookmark search function. When a user runs the search function, the search result is displayed in the web browser. If a specially crafted URL is registered to the bookmark, an attacker could execute an arbitrary script on the user\u0027s web browser when the search result is displayed.",
      "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000804.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:grani",
          "@product": "Grani",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:portable_sleipnir",
          "@product": "Portable Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2007-000804",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN65427327/index.html",
          "@id": "JVN#65427327",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6002",
          "@id": "CVE-2007-6002",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6002",
          "@id": "CVE-2007-6002",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/27655",
          "@id": "SA27655",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://secunia.com/advisories/27675",
          "@id": "SA27675",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.securityfocus.com/bid/26418",
          "@id": "26418",
          "@source": "BID"
        },
        {
          "#text": "http://xforce.iss.net/xforce/xfdb/38441",
          "@id": "38441",
          "@source": "XF"
        },
        {
          "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
          "@id": "CWE-79",
          "@title": "Cross-site Scripting(CWE-79)"
        }
      ],
      "title": "Sleipnir and Grani Bookmark Search vulnerable to arbitrary script execution"
    }

    JVNDB-2007-000093

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
    Details
    Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
      "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000093.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:portable_sleipnir",
          "@product": "Portable Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir:darksky_rss_bar",
          "@product": "RSS Bar",
          "@vendor": "Darksky",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2007-000093",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
          "@id": "JVN#93700808",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0705",
          "@id": "CVE-2007-0705",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0705",
          "@id": "CVE-2007-0705",
          "@source": "NVD"
        },
        {
          "#text": "http://secunia.com/advisories/23927/",
          "@id": "SA23927",
          "@source": "SECUNIA"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/0364",
          "@id": "FrSIRT/ADV-2007-0364",
          "@source": "FRSIRT"
        }
      ],
      "title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
    }

    JVNDB-2007-000091

    Vulnerability from jvndb - Published: 2008-05-21 00:00 - Updated:2008-05-21 00:00
    Severity
    N/A (UNKNOWN) - -
    Summary
    Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone
    Details
    Sleipnir is a tabbed web browser developed in Japan by Fenrir & Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).
    Show details on JVN DB website

    {
      "@rdf:about": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
      "dc:date": "2008-05-21T00:00+09:00",
      "dcterms:issued": "2008-05-21T00:00+09:00",
      "dcterms:modified": "2008-05-21T00:00+09:00",
      "description": "Sleipnir is a tabbed web browser developed in Japan by Fenrir \u0026 Co. Sleipnir RSS bar contains a vulnerability that RSS data is handled in an inappropriate security zone (My Computer zone).",
      "link": "https://jvndb.jvn.jp/en/contents/2007/JVNDB-2007-000091.html",
      "sec:cpe": [
        {
          "#text": "cpe:/a:fenrir-inc:portable_sleipnir",
          "@product": "Portable Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir-inc:sleipnir",
          "@product": "Sleipnir",
          "@vendor": "Fenrir Inc.",
          "@version": "2.2"
        },
        {
          "#text": "cpe:/a:fenrir:darksky_rss_bar",
          "@product": "RSS Bar",
          "@vendor": "Darksky",
          "@version": "2.2"
        }
      ],
      "sec:cvss": {
        "@score": "2.6",
        "@severity": "Low",
        "@type": "Base",
        "@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
        "@version": "2.0"
      },
      "sec:identifier": "JVNDB-2007-000091",
      "sec:references": [
        {
          "#text": "http://jvn.jp/en/jp/JVN93700808/index.html",
          "@id": "JVN#93700808",
          "@source": "JVN"
        },
        {
          "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0706",
          "@id": "CVE-2007-0706",
          "@source": "CVE"
        },
        {
          "#text": "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-0706",
          "@id": "CVE-2007-0706",
          "@source": "NVD"
        },
        {
          "#text": "http://www.frsirt.com/english/advisories/2007/0365",
          "@id": "FrSIRT/ADV-2007-0365",
          "@source": "FRSIRT"
        }
      ],
      "title": "Sleipnir RSS bar vulnerable in handling RSS data in an inappropriate security zone"
    }