CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11001 CVE-2010-3381 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11002 CVE-2010-3380 +Priv 2010-09-29 2010-09-30
6.9
None Local Medium Not required Complete Complete Complete
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11003 CVE-2010-3378 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11004 CVE-2010-3377 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11005 CVE-2010-3376 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11006 CVE-2010-3374 +Priv 2010-10-04 2010-10-05
6.9
None Local Medium Not required Complete Complete Complete
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11007 CVE-2010-3372 +Priv 2010-12-08 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allows local users to gain privileges via vectors related to the LD_LIBRARY_PATH environment variable. NOTE: some of these details are obtained from third party information.
11008 CVE-2010-3369 +Priv 2010-10-20 2010-12-14
6.9
None Local Medium Not required Complete Complete Complete
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11009 CVE-2010-3366 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11010 CVE-2010-3365 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11011 CVE-2010-3364 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11012 CVE-2010-3363 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11013 CVE-2010-3362 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11014 CVE-2010-3361 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11015 CVE-2010-3360 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11016 CVE-2010-3358 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11017 CVE-2010-3357 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11018 CVE-2010-3355 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11019 CVE-2010-3354 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11020 CVE-2010-3353 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11021 CVE-2010-3351 +Priv 2010-10-20 2011-09-14
6.9
None Local Medium Not required Complete Complete Complete
startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11022 CVE-2010-3350 20 +Priv 2010-10-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11023 CVE-2010-3349 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11024 CVE-2010-3322 264 +Priv +Info 2010-09-14 2010-09-14
6.0
User Remote Medium Single system Partial Partial Partial
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
11025 CVE-2010-3320 20 2010-09-13 2010-09-14
6.8
None Remote Medium Not required Partial Partial Partial
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
11026 CVE-2010-3315 16 Bypass 2010-10-04 2017-09-18
6.0
None Remote Medium Single system Partial Partial Partial
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
11027 CVE-2010-3308 94 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.
11028 CVE-2010-3304 264 2010-09-24 2011-02-12
6.4
None Remote Low Not required Partial Partial None
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
11029 CVE-2010-3302 119 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.
11030 CVE-2010-3290 +Priv 2010-10-23 2017-08-16
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
11031 CVE-2010-3288 352 CSRF 2010-10-23 2010-11-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
11032 CVE-2010-3280 200 +Info 2010-09-23 2017-08-16
6.9
None Local Network Medium Not required Complete Partial Partial
The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucent OmniTouch Contact Center Standard Edition relies on client-side authorization checking, and unconditionally sends the SuperUser password to the client for use during an authorized session, which allows remote attackers to monitor or reconfigure Contact Center operations via a modified client application.
11033 CVE-2010-3278 119 Overflow +Priv 2010-09-10 2010-09-13
6.9
None Local Medium Not required Complete Complete Complete
Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 allow local users to gain privileges via unspecified vectors. NOTE: this might overlap CVE-2010-3110.
11034 CVE-2010-3271 352 1 CSRF 2011-07-18 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka administrative console) in IBM WebSphere Application Server (WAS) 7.0.0.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that disable certain security options via an Edit action to console/adminSecurityDetail.do followed by a save action to console/syncworkspace.do.
11035 CVE-2010-3270 119 Exec Code Overflow 2011-02-02 2018-10-10
6.8
None Remote High Multiple systems Complete Complete Complete
Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed.
11036 CVE-2010-3267 89 1 Exec Code Sql 2010-12-02 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id parameter to delete_query.aspx, the (3) new_project or (4) us_id parameter to edit_bug.aspx, or (5) the bug_list parameter to massedit.aspx. NOTE: some of these details are obtained from third party information.
11037 CVE-2010-3260 264 2011-04-26 2011-07-19
6.4
None Remote Low Not required Partial Partial None
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote attackers to read arbitrary files or send HTTP requests to intranet servers via an entity declaration in conjunction with an entity reference, related to an "XML injection" issue.
11038 CVE-2010-3213 352 1 CSRF 2010-09-07 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.
11039 CVE-2010-3207 89 2 Exec Code Sql 2010-09-03 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the album_id parameter. NOTE: some of these details are obtained from third party information.
11040 CVE-2010-3182 +Priv 2010-10-21 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11041 CVE-2010-3181 +Priv 2010-10-21 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11042 CVE-2010-3165 +Priv 2010-10-25 2010-10-27
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earlier, SQLEditorTE 1.9.1.3 and earlier, SQLEditor8 3.8.1.2 and earlier, and SQLEditorClassic 1.8.1.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11043 CVE-2010-3164 +Priv 2010-10-25 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11044 CVE-2010-3163 +Priv 2010-10-25 2010-10-27
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11045 CVE-2010-3162 +Priv 2010-10-25 2010-10-28
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11046 CVE-2010-3161 +Priv 2010-10-25 2010-10-27
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11047 CVE-2010-3160 +Priv 2010-10-25 2010-10-27
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11048 CVE-2010-3159 +Priv 2010-10-25 2017-11-22
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11049 CVE-2010-3158 +Priv 2010-10-19 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11050 CVE-2010-3156 +Priv 2010-10-25 2010-10-28
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.