CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
10401 CVE-2010-3496 264 Exec Code 2012-08-22 2012-08-22
6.4
None Remote Low Not required None Partial Partial
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
10402 CVE-2010-3490 22 1 Dir. Trav. 2010-09-28 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
10403 CVE-2010-3482 89 2 Exec Code Sql 2010-09-22 2010-09-23
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
10404 CVE-2010-3481 89 1 Exec Code Sql 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable.
10405 CVE-2010-3480 22 1 Dir. Trav. 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
10406 CVE-2010-3467 89 2 Exec Code Sql 2010-09-17 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.
10407 CVE-2010-3464 352 1 CSRF 2010-09-17 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/manager_users.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests, as demonstrated by adding administrative users via the save_admin action to admin/index.php.
10408 CVE-2010-3449 352 CSRF 2010-12-06 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
10409 CVE-2010-3437 189 1 DoS +Info 2010-10-04 2012-03-19
6.6
None Local Low Not required Complete None Complete
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
10410 CVE-2010-3433 264 Exec Code +Priv 2010-10-06 2017-09-18
6.0
User Remote Medium Single system Partial Partial Partial
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
10411 CVE-2010-3429 94 Exec Code 2010-09-30 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
10412 CVE-2010-3405 119 Overflow +Priv 2010-09-16 2018-11-28
6.8
None Local Low Single system Complete Complete Complete
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
10413 CVE-2010-3394 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10414 CVE-2010-3393 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10415 CVE-2010-3389 +Priv 2010-10-20 2012-02-01
6.9
None Local Medium Not required Complete Complete Complete
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10416 CVE-2010-3387 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended.
10417 CVE-2010-3386 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10418 CVE-2010-3385 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10419 CVE-2010-3384 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10420 CVE-2010-3383 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10421 CVE-2010-3382 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10422 CVE-2010-3381 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10423 CVE-2010-3380 +Priv 2010-09-29 2010-09-30
6.9
None Local Medium Not required Complete Complete Complete
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10424 CVE-2010-3378 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10425 CVE-2010-3377 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10426 CVE-2010-3376 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10427 CVE-2010-3374 +Priv 2010-10-04 2010-10-05
6.9
None Local Medium Not required Complete Complete Complete
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10428 CVE-2010-3372 +Priv 2010-12-08 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allows local users to gain privileges via vectors related to the LD_LIBRARY_PATH environment variable. NOTE: some of these details are obtained from third party information.
10429 CVE-2010-3369 +Priv 2010-10-20 2010-12-14
6.9
None Local Medium Not required Complete Complete Complete
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10430 CVE-2010-3366 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10431 CVE-2010-3365 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10432 CVE-2010-3364 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10433 CVE-2010-3363 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10434 CVE-2010-3362 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10435 CVE-2010-3361 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10436 CVE-2010-3360 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10437 CVE-2010-3358 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10438 CVE-2010-3357 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10439 CVE-2010-3355 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10440 CVE-2010-3354 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10441 CVE-2010-3353 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10442 CVE-2010-3351 +Priv 2010-10-20 2011-09-14
6.9
None Local Medium Not required Complete Complete Complete
startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10443 CVE-2010-3350 20 +Priv 2010-10-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10444 CVE-2010-3349 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10445 CVE-2010-3322 264 +Priv +Info 2010-09-14 2010-09-14
6.0
User Remote Medium Single system Partial Partial Partial
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
10446 CVE-2010-3320 20 2010-09-13 2010-09-14
6.8
None Remote Medium Not required Partial Partial Partial
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
10447 CVE-2010-3315 16 Bypass 2010-10-04 2017-09-18
6.0
None Remote Medium Single system Partial Partial Partial
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
10448 CVE-2010-3308 94 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.
10449 CVE-2010-3304 264 2010-09-24 2011-02-12
6.4
None Remote Low Not required Partial Partial None
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
10450 CVE-2010-3302 119 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.