Vulnerability Description
The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copied by another user in the session.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Islonline | Isl Desktop Plugin | <= 1.4.3 |
| Islonline | Isl Light | <= 3.5.4 |
Related Weaknesses (CWE)
References
- http://osvdb.org/100512
- http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Exploit
- http://seclists.org/fulldisclosure/2013/Dec/14Exploit
- http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-Patch
- http://www.securityfocus.com/bid/64050
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89399
- http://osvdb.org/100512
- http://packetstormsecurity.com/files/124274/ISL-Light-Desktop-3.5.4-Information-Exploit
- http://seclists.org/fulldisclosure/2013/Dec/14Exploit
- http://www.islonline.com/help/isl-releases-info/any/manual/?2013-11-29-rel-info-Patch
- http://www.securityfocus.com/bid/64050
- https://exchange.xforce.ibmcloud.com/vulnerabilities/89399
FAQ
What is CVE-2013-6237?
CVE-2013-6237 is a vulnerability with a CVSS score of 3.5 (LOW). The ISL Desktop plugin for Windows before 1.4.7 for ISL Light 3.5.4 and earlier allows remote authenticated users to obtain sensitive information by pasting the clipboard contents that have been copie...
How severe is CVE-2013-6237?
CVE-2013-6237 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-6237?
Check the references section above for vendor advisories and patch information. Affected products include: Islonline Isl Desktop Plugin, Islonline Isl Light.