CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11101 CVE-2010-2799 119 Exec Code Overflow 2010-09-14 2010-09-15
6.8
None Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments.
11102 CVE-2010-2793 362 +Priv 2010-12-08 2013-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise Virtualization (RHEV) Manager before 2.2.4 allows local users to create a certain named pipe, and consequently gain privileges, via vectors involving knowledge of the name of this named pipe, in conjunction with use of the ImpersonateNamedPipeClient function.
11103 CVE-2010-2789 94 Exec Code File Inclusion 2011-04-26 2011-07-19
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vectors.
11104 CVE-2010-2786 22 Dir. Trav. 2010-08-02 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows remote attackers to include arbitrary local files and possibly have unspecified other impact via directory traversal sequences in a crafted data-renderer request.
11105 CVE-2010-2785 Exec Code 2010-08-02 2010-09-09
6.5
None Remote Low Single system Partial Partial Partial
The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) characters, which allows remote authenticated users to execute arbitrary CTCP commands via vectors involving \r and \40 sequences, a different vulnerability than CVE-2010-2451 and CVE-2010-2452.
11106 CVE-2010-2784 264 DoS +Priv 2010-08-24 2010-08-25
6.6
None Local Medium Single system Complete Complete Complete
The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2 and KVM 83, does not properly select the index for access to the callback array, which allows guest OS users to cause a denial of service (guest OS crash) or possibly gain privileges via unspecified vectors.
11107 CVE-2010-2772 255 +Priv 2010-07-22 2017-08-16
6.9
Admin Local Medium Not required Complete Complete Complete
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568.
11108 CVE-2010-2762 264 Exec Code 2010-09-09 2017-09-18
6.8
None Remote Medium Not required Partial Partial Partial
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object.
11109 CVE-2010-2757 310 2010-08-16 2010-09-08
6.5
None Remote Low Single system Partial Partial Partial
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remote authenticated users to impersonate other users without discovery.
11110 CVE-2010-2731 287 Bypass 2010-09-15 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, when directory-based Basic Authentication is enabled, allows remote attackers to bypass intended access restrictions and execute ASP files via a crafted request, aka "Directory Authentication Bypass Vulnerability."
11111 CVE-2010-2713 Exec Code +Info 2010-08-05 2010-09-09
6.8
None Remote Medium Not required Partial Partial Partial
The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression.
11112 CVE-2010-2712 +Priv 2010-08-30 2017-09-18
6.8
None Local Low Single system Complete Complete Complete
Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors.
11113 CVE-2010-2711 2010-08-25 2017-08-16
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers to read and modify MagCloud application data via unknown vectors.
11114 CVE-2010-2708 DoS 2010-08-09 2010-08-09
6.1
None Local Network Low Not required None None Complete
Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors.
11115 CVE-2010-2706 DoS 2010-08-09 2010-08-09
6.1
None Local Network Low Not required None None Complete
Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors.
11116 CVE-2010-2705 +Info 2010-08-09 2010-08-09
6.1
None Local Network Low Not required Complete None None
Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors.
11117 CVE-2010-2695 22 Dir. Trav. 2010-07-12 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5, and possibly other versions before 3.6 allows remote authenticated users to read, overwrite, or delete arbitrary files via .. (dot dot) sequences in the (1) ls, (2) rm, (3) rename, and other unspecified commands.
11118 CVE-2010-2680 22 2 Dir. Trav. 2010-07-12 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php.
11119 CVE-2010-2668 287 Bypass 2010-07-08 2018-10-10
6.4
None Remote Low Not required Partial Partial None
Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 3.40.2 allows remote attackers to bypass authentication and read or write configuration files via unknown vectors.
11120 CVE-2010-2667 Exec Code 2010-07-22 2018-10-10
6.0
None Remote Medium Single system Partial Partial Partial
Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involving (1) the Studio virtual appliance or (2) a virtual appliance created by the Studio virtual appliance.
11121 CVE-2010-2653 362 DoS 2010-10-05 2012-03-19
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by closing a Hypervisor Virtual Console device, related to the hvc_open and hvc_remove functions.
11122 CVE-2010-2635 89 Exec Code Sql 2010-11-09 2017-08-16
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute arbitrary SQL commands via unspecified parameters to "Commerce Organization Admin Console JavaServer pages."
11123 CVE-2010-2627 22 Dir. Trav. 2010-07-02 2010-07-06
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers to overwrite arbitrary files on the client via "..\" (dot dot backslash) sequences in URLs for the (1) sponsor or (2) community logos, and other URLs related to (3) DemoDownloadURL, (4) DemoIndexURL and (5) CustomMapsURL.
11124 CVE-2010-2618 94 3 Exec Code File Inclusion 2010-07-02 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter. NOTE: it was later reported that 2.0.1 is also affected.
11125 CVE-2010-2602 119 DoS Exec Code Overflow 2010-12-17 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Enterprise Server 5.0.0 through 5.0.2, 4.1.6, and 4.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF document.
11126 CVE-2010-2594 352 CSRF 2010-07-02 2010-07-02
6.8
User Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
11127 CVE-2010-2576 94 Exec Code 2010-08-16 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407.
11128 CVE-2010-2575 119 DoS Exec Code Overflow 2010-08-30 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a PDB file.
11129 CVE-2010-2555 264 DoS +Priv Mem. Corr. 2010-08-11 2018-10-30
6.8
Admin Local Low Single system Complete Complete Complete
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the length of strings in the registry, which allows local users to gain privileges or cause a denial of service (memory corruption) via vectors involving a long string, aka "Tracing Memory Corruption Vulnerability."
11130 CVE-2010-2554 264 +Priv 2010-08-11 2018-10-30
6.8
Admin Local Low Single system Complete Complete Complete
The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vulnerability."
11131 CVE-2010-2541 119 DoS Exec Code Overflow 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
11132 CVE-2010-2537 264 2010-09-30 2012-03-19
6.3
None Local Medium Not required None Complete Complete
The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a (1) BTRFS_IOC_CLONE or (2) BTRFS_IOC_CLONE_RANGE ioctl call that specifies this file as a donor.
11133 CVE-2010-2527 119 DoS Exec Code Overflow 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
11134 CVE-2010-2519 119 DoS Exec Code Overflow 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted length value in a POST fragment header in a font file.
11135 CVE-2010-2515 89 1 Exec Code Sql 2010-06-28 2010-06-29
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!, when magic_quotes_gpc is disabled, allow (1) remote attackers to execute arbitrary SQL commands via the id parameter, and (2) remote authenticated users with "Public Front-end" permissions to execute arbitrary SQL commands via the titlu parameter (title field). NOTE: some of these details are obtained from third party information.
11136 CVE-2010-2507 22 2 Dir. Trav. 2010-06-28 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
11137 CVE-2010-2504 +Info 2010-06-28 2010-06-29
6.0
None Remote Medium Single system Partial Partial Partial
Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.
11138 CVE-2010-2500 189 DoS Exec Code Overflow 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
11139 CVE-2010-2499 119 DoS Exec Code Overflow 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LaserWriter PS font file with an embedded PFB fragment.
11140 CVE-2010-2498 399 DoS Exec Code Mem. Corr. 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not properly implement hinting masks, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via a crafted font file that triggers an invalid free operation.
11141 CVE-2010-2497 189 DoS Exec Code 2010-08-19 2012-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.
11142 CVE-2010-2456 22 2 Dir. Trav. File Inclusion 2010-06-25 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote attackers to read and execute arbitrary local files via a URL in the (1) cook_lan cookie parameter ($lan_dir variable) or possibly (2) Sdb_type parameter. NOTE: this was originally reported as remote file inclusion, but this may be inaccurate.
11143 CVE-2010-2425 22 Dir. Trav. 2010-06-24 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read or delete arbitrary files via "..//" sequences in a COMB command.
11144 CVE-2010-2420 DoS Exec Code 2010-06-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a module for the Sleipnir web browser, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to the Gecko engine.
11145 CVE-2010-2419 2010-10-13 2010-11-11
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
11146 CVE-2010-2405 2010-10-13 2016-11-23
6.0
None Remote Medium Single system Partial Partial Partial
Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-3500.
11147 CVE-2010-2375 2010-07-13 2018-10-30
6.4
None Remote Low Not required Partial Partial None
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.
11148 CVE-2010-2369 +Priv 2010-10-18 2010-10-19
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory.
11149 CVE-2010-2368 +Priv 2010-10-18 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
11150 CVE-2010-2350 119 DoS Exec Code Overflow 2010-06-21 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNG file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.