Vulnerabilities > CVE-2013-2317 - Cross-Site Scripting vulnerability in Apache OFBiz
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window.
Vulnerable Configurations
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 60200 CVE(CAN) ID: CVE-2013-2317 Sleipnir Mobile for Android一款手机Android Web浏览器。 Sleipnir Mobile for Android 2.10.0之前版本、Sleipnir Mobile Black Edition for Android 2.10.0之前版本存在地址栏欺骗漏洞,攻击者可利用此漏洞进行钓鱼等其他内容欺骗攻击。 0 Sleipnir Mobile for Android Sleipnir Mobile for Android 厂商补丁: Sleipnir Mobile for Android --------------------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir&hl=zh_CN |
id | SSV:60820 |
last seen | 2017-11-19 |
modified | 2013-06-01 |
published | 2013-06-01 |
reporter | Root |
title | Sleipnir Mobile for Android地址栏欺骗漏洞(CVE-2013-2317) |