3.5
CVE-2013-6237
- EPSS 1.69%
- Veröffentlicht 10.12.2013 16:55:25
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Islonline ≫ Isl Desktop Plugin Update- Edition- SwEditionwindows SwPlatformisl_light Version <= 1.4.3
Islonline ≫ Isl Desktop Plugin Version1.3.3 Update- Edition- SwEditionwindows SwPlatformisl_light
Islonline ≫ Isl Desktop Plugin Version1.4.1 Update- Edition- SwEditionwindows SwPlatformisl_light
Islonline ≫ Isl Desktop Plugin Version1.4.2 Update- Edition- SwEditionwindows SwPlatformisl_light
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.69% | 0.74 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.5 | 6.8 | 2.9 |
AV:N/AC:M/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
http://osvdb.org/100512
http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html
http://seclists.org/fulldisclosure/2013/Dec/14
http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm
http://www.securityfocus.com/bid/64050
https://exchange.xforce.ibmcloud.com/vulnerabilities/89399