Sign-up

ID

VAR-201010-0447


TITLE

Phishing Vulnerability in Accela BizSearch Document View Window

Trust: 0.8

sources: JVNDB: JVNDB-2010-002077

DESCRIPTION

The document view window in Accela BizSearch Gateway Option has the following vulnerabilities which allow a remote attacker to: * display a fraudulent web page over a legitimate web page * steal cookies stored in browser * place arbitrary cookies into browserA remote attacker could display a fraudulent web page over a legitimate one, steal cookies stored in browser or place arbitrary cookies into browser.

Trust: 0.8

sources: JVNDB: JVNDB-2010-002077

AFFECTED PRODUCTS

vendor:accelamodel:bizsearchscope: - version: -

Trust: 0.8

vendor:accelamodel:eaccela bizsearchscope: - version: -

Trust: 0.8

vendor:fujitsumodel:intelligentsearchscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2010-002077

CVSS

SEVERITY

CVSSV2

CVSSV3

IPA: JVNDB-2010-002077
value: MEDIUM

Trust: 0.8

IPA: JVNDB-2010-002077
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

sources: JVNDB: JVNDB-2010-002077

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2010-002077

PATCH
title:Top Pageurl:http://www.accelatech.com/
Trust: 0.8
title:bizsearch201002url:http://software.fujitsu.com/jp/security/products-fujitsu/solution/bizsearch201002.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-002077

EXTERNAL IDS
db:JVNDBid:JVNDB-2010-002077
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2010-002077

SOURCES
db:JVNDBid:JVNDB-2010-002077

LAST UPDATE DATE
2022-05-04T10:20:10.770000+00:00

SOURCES UPDATE DATE
db:JVNDBid:JVNDB-2010-002077date:2010-10-13T00:00:00

SOURCES RELEASE DATE
db:JVNDBid:JVNDB-2010-002077date:2010-10-13T00:00:00