製品・ソフトウェアに関する情報

JVN脆弱性詳細

Sleipnir Mobile for Android におけるアドレスバー偽装の脆弱性

Title	Sleipnir Mobile for Android におけるアドレスバー偽装の脆弱性
Summary	Sleipnir Mobile for Android には、ウィンドウを開く際の処理に問題があり、アドレスバー偽装の脆弱性が存在します。この脆弱性情報は、情報セキュリティ早期警戒パートナーシップに基づき下記の方が IPA に報告し、JPCERT/CC が開発者との調整を行いました。報告者: keitahaga.com Keita Haga 氏
Possible impacts	アドレスバーに表示される URL を偽装され、フィッシング詐欺などに使用される可能性があります。
Solution	[アップデートする] 開発者が提供する情報をもとに、最新版へアップデートしてください。
Publication Date	May 29, 2013, midnight
Registration Date	May 29, 2013, 2 p.m.
Last Update	May 29, 2013, 2 p.m.

CVSS2.0 : 警告
Score	4.3
Vector	AV:N/AC:M/Au:N/C:N/I:P/A:N

Affected System

フェンリル株式会社

Sleipnir Mobile for Android 2.9.1 およびそれ以前

Sleipnir Mobile for Android Black Edition 2.9.1 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-2317	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2317
National Vulnerability Database (NVD)
2	CVE-2013-2317	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2317

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-Other	https://www.ipa.go.jp/security/vuln/CWE.html#CWEOther

ベンダー情報

No	Name	URL
フェンリル株式会社
1	Sleipnir Mobile - ウェブブラウザ - Google Play の Android アプリ	https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir
2	Sleipnir Mobile Black Edition - Google Play の Android アプリ	https://play.google.com/store/apps/details?id=jp.co.fenrir.android.sleipnir_black

その他

No	Name	URL
JVN
1	JVN#22756333	http://jvn.jp/jp/JVN22756333/index.html

Change Log

No	Changed Details	Date of change
0	[2013年05月29日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-2317

Summary	The Sleipnir Mobile application 2.9.1 and earlier and Sleipnir Mobile Black Edition application 2.9.1 and earlier for Android allow remote attackers to spoof the address bar via vectors involving the opening of a new window.
Publication Date	June 4, 2013, 8:55 a.m.
Registration Date	Jan. 26, 2021, 3:38 p.m.
Last Update	Nov. 21, 2024, 10:51 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:fenrir-inc:sleipnir_mobile::::::::			2.9.1
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:alpha::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:beta_update1::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:rc::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.1.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.2.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.3.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.4.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.6.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.2:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.3:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.4:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.1.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.2:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.3:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.3.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.6.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.7.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.8.0:::::::*
execution environment
1	cpe:2.3:o:google:android::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:fenrir-inc:sleipnir_mobile::-:black:::::			2.9.1
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:alpha:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:rc:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:beta_update1:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.1.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.2.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.3.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.4.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.6.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.2:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.3:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.4:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.1.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.2:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.3:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.3.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.6.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.7.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.8.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.9.0:-:black:::::*
execution environment
1	cpe:2.3:o:google:android::::::::

Related information, measures and tools

No	URL	refsource	タグ
1	http://jvn.jp/en/jp/JVN22756333/index.html
2	http://jvn.jp/en/jp/JVN22756333/index.html
3	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000046
4	http://jvndb.jvn.jp/jvndb/JVNDB-2013-000046

Common Vulnerabilities List

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:fenrir-inc:sleipnir_mobile::::::::			2.9.1
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:alpha::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:beta_update1::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:rc::::::
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.1.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.2.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.3.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.4.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.6.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.2:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.3:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.4:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.1.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.2:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.3:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.3.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.1:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.6.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.7.0:::::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.8.0:::::::*
execution environment
1	cpe:2.3:o:google:android::::::::

Configuration2		or higher	or less	more than	less than
cpe:2.3:a:fenrir-inc:sleipnir_mobile::-:black:::::			2.9.1
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:alpha:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:rc:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.0.0:beta_update1:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.1.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.2.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.3.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.4.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.5.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.6.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:1.7.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.2:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.3:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.0.4:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.1.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.2:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.2.3:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.3.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.4.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.5.1:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.6.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.7.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.8.0:-:black:::::*
cpe:2.3:a:fenrir-inc:sleipnir_mobile:2.9.0:-:black:::::*
execution environment
1	cpe:2.3:o:google:android::::::::