{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-11-29T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html"}, {"name": "isllight-cve20136237-info-disc(89399)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89399"}, {"name": "20131203 [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2013/Dec/14"}, {"name": "64050", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64050"}, {"name": "100512", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/100512"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-6237", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html"}, {"name": "isllight-cve20136237-info-disc(89399)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89399"}, {"name": "20131203 [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2013/Dec/14"}, {"name": "64050", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64050"}, {"name": "100512", "refsource": "OSVDB", "url": "http://osvdb.org/100512"}, {"name": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm", "refsource": "CONFIRM", "url": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:38:58.974Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html"}, {"name": "isllight-cve20136237-info-disc(89399)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89399"}, {"name": "20131203 [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2013/Dec/14"}, {"name": "64050", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64050"}, {"name": "100512", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/100512"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-6237", "datePublished": "2013-12-10T15:00:00.000Z", "dateReserved": "2013-10-22T00:00:00.000Z", "dateUpdated": "2024-08-06T17:38:58.974Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:islonline:isl_desktop_plugin:*:-:-:*:windows:isl_light:*:*", "matchCriteriaId": "534394C4-A6B4-4A9D-AE11-8C8251788388", "versionEndIncluding": "1.4.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:islonline:isl_desktop_plugin:1.3.3:-:-:*:windows:isl_light:*:*", "matchCriteriaId": "78BD6401-7CAD-4483-BDE1-0DEBE373BA16", "vulnerable": true}, {"criteria": "cpe:2.3:a:islonline:isl_desktop_plugin:1.4.1:-:-:*:windows:isl_light:*:*", "matchCriteriaId": "B827413A-933C-4BC0-9360-2218CB131DE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:islonline:isl_desktop_plugin:1.4.2:-:-:*:windows:isl_light:*:*", "matchCriteriaId": "02E20552-3DC3-432F-9EE3-27296A19694B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:islonline:isl_light:*:*:*:*:*:*:*:*", "matchCriteriaId": "B27EBBA4-4E07-4FD2-B366-DF9FE2F10750", "versionEndIncluding": "3.5.4", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session."}, {"lang": "es", "value": "El plugin ISL Desktop para Windows anterior a la versi\u00f3n 1.4.7 para ISL Light 3.5.4 y anteriores permite a usuarios remotos autenticados obtener informaci\u00f3n sensible mediante el pegado de contenidos del portapapeles que ha sido copiado por otro usuario en la sesi\u00f3n."}], "id": "CVE-2013-6237", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-12-10T16:55:25.603", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/100512"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2013/Dec/14"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/64050"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89399"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/100512"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Disclosure.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/fulldisclosure/2013/Dec/14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-isl-light-desktop-plugin-1-4-7-win.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/64050"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89399"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}