CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
10451 CVE-2010-3773 2010-12-10 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects, which allows remote attackers to execute arbitrary JavaScript via a crafted HTTP response. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-0179.
10452 CVE-2010-3771 Exec Code 2010-12-10 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to redirection to a chrome: URI.
10453 CVE-2010-3753 78 Exec Code 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banner) field, a different vulnerability than CVE-2010-3308.
10454 CVE-2010-3752 78 Exec Code 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_domain_info data in a packet, a different vulnerability than CVE-2010-3302.
10455 CVE-2010-3739 287 2010-10-05 2010-10-06
6.4
None Remote Low Not required Partial Partial None
The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.
10456 CVE-2010-3716 20 +Priv 2010-10-25 2010-10-27
6.0
None Remote Medium Single system Partial Partial Partial
The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenticated users to gain privileges via a crafted POST request that creates a user account with arbitrary group memberships.
10457 CVE-2010-3704 20 DoS Exec Code Mem. Corr. Bypass 2010-11-05 2012-11-19
6.8
None Remote Medium Not required Partial Partial Partial
The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted PostScript Type1 font that contains a negative array index, which bypasses input validation and triggers memory corruption.
10458 CVE-2010-3702 20 DoS 2010-11-05 2012-11-19
6.8
None Remote Medium Not required Partial Partial Partial
The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.1, CUPS, kdegraphics, and possibly other products allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference.
10459 CVE-2010-3694 352 CSRF 2010-11-09 2011-07-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers to hijack the authentication of unspecified victims for requests to a preference form.
10460 CVE-2010-3692 22 Dir. Trav. 2010-10-07 2011-03-01
6.4
None Remote Low Not required None Partial Partial
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
10461 CVE-2010-3689 264 +Priv 2011-01-28 2015-11-17
6.9
None Local Medium Not required Complete Complete Complete
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10462 CVE-2010-3614 20 DoS 2010-12-06 2018-10-10
6.4
None Remote Low Not required None Partial Partial
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover.
10463 CVE-2010-3606 22 Dir. Trav. 2010-09-24 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 allow remote emote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) folder and (2) action parameters.
10464 CVE-2010-3603 352 3 DoS CSRF 2010-09-24 2017-08-16
6.8
User Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService.ashx) in mojoPortal 2.3.4.3 and 2.3.5.1 allows remote attackers to hijack the authentication of administrators for requests that rename arbitrary files, as demonstrated by causing the user.config file to be moved, leading to a denial of service (service stop) and possibly the exposure of sensitive information.
10465 CVE-2010-3596 2011-01-19 2011-07-20
6.4
None Remote Low Not required None Partial Partial
Unspecified vulnerability in the mod_ssl component in Oracle Secure Backup 10.3.0.2 allows remote attackers to affect integrity and availability via unknown vectors.
10466 CVE-2010-3594 Sql 2011-01-19 2017-08-16
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager Grid Control 6.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Processing. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this is SQL injection in rsynclogdird involving improper escaping of UTF-8 characters while processing log files.
10467 CVE-2010-3579 2010-10-14 2013-02-07
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.
10468 CVE-2010-3577 2010-10-14 2010-11-11
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality and integrity, related to Kernel/CIFS.
10469 CVE-2010-3575 2010-10-14 2010-11-11
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 6.0, 6.2, 6.3, and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Web Mail.
10470 CVE-2010-3564 DoS 2010-10-14 2017-09-18
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
10471 CVE-2010-3557 2010-10-19 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static."
10472 CVE-2010-3549 2010-10-19 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is an HTTP request splitting vulnerability involving the handling of the chunked transfer encoding method by the HttpURLConnection class.
10473 CVE-2010-3507 2010-10-13 2010-11-11
6.6
None Local Medium Not required Partial Complete Complete
Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Live Upgrade.
10474 CVE-2010-3503 2010-10-13 2010-11-11
6.3
None Local Medium Not required Complete Complete None
Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su.
10475 CVE-2010-3500 2010-10-13 2016-11-23
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-2405.
10476 CVE-2010-3499 264 Exec Code 2012-08-22 2012-08-22
6.4
None Remote Low Not required None Partial Partial
F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that "the inability to catch these files are caused by lacking functionality rather than programming errors."
10477 CVE-2010-3498 264 Exec Code 2012-08-22 2012-08-22
6.4
None Remote Low Not required None Partial Partial
AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
10478 CVE-2010-3497 264 Exec Code 2012-08-22 2012-08-22
6.4
None Remote Low Not required None Partial Partial
Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that this issue "falls into the work of our Firewall and not our AV (per our methodology of layers of defense)."
10479 CVE-2010-3496 264 Exec Code 2012-08-22 2012-08-22
6.4
None Remote Low Not required None Partial Partial
McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution.
10480 CVE-2010-3490 22 1 Dir. Trav. 2010-09-28 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in page.recordings.php in the System Recordings component in the configuration interface in FreePBX 2.8.0 and earlier allows remote authenticated administrators to create arbitrary files via a .. (dot dot) in the usersnum parameter to admin/config.php, as demonstrated by creating a .php file under the web root.
10481 CVE-2010-3482 89 2 Exec Code Sql 2010-09-22 2010-09-23
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
10482 CVE-2010-3481 89 1 Exec Code Sql 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable.
10483 CVE-2010-3480 22 1 Dir. Trav. 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
10484 CVE-2010-3467 89 2 Exec Code Sql 2010-09-17 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.
10485 CVE-2010-3464 352 1 CSRF 2010-09-17 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/manager_users.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests, as demonstrated by adding administrative users via the save_admin action to admin/index.php.
10486 CVE-2010-3449 352 CSRF 2010-12-06 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
10487 CVE-2010-3437 189 1 DoS +Info 2010-10-04 2012-03-19
6.6
None Local Low Not required Complete None Complete
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
10488 CVE-2010-3433 264 Exec Code +Priv 2010-10-06 2017-09-18
6.0
User Remote Medium Single system Partial Partial Partial
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
10489 CVE-2010-3429 94 Exec Code 2010-09-30 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
10490 CVE-2010-3405 119 Overflow +Priv 2010-09-16 2018-11-28
6.8
None Local Low Single system Complete Complete Complete
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
10491 CVE-2010-3394 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10492 CVE-2010-3393 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10493 CVE-2010-3389 +Priv 2010-10-20 2012-02-01
6.9
None Local Medium Not required Complete Complete Complete
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10494 CVE-2010-3387 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended.
10495 CVE-2010-3386 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10496 CVE-2010-3385 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10497 CVE-2010-3384 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10498 CVE-2010-3383 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10499 CVE-2010-3382 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
10500 CVE-2010-3381 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.