CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11401 CVE-2010-3482 89 2 Exec Code Sql 2010-09-22 2010-09-23
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenticated administrators to execute arbitrary SQL commands via the (1) title and (2) menutitle parameters. NOTE: this can be leveraged with CVE-2010-3483 to conduct attacks without authentication.
11402 CVE-2010-3481 89 1 Exec Code Sql 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) user_name and (2) password variables, possibly related to include/classes/Login.php. NOTE: some of these details are obtained from third party information. NOTE: the password vector might not be vulnerable.
11403 CVE-2010-3480 22 1 Dir. Trav. 2010-09-22 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter.
11404 CVE-2010-3467 89 2 Exec Code Sql 2010-09-17 2017-08-16
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the secid parameter in a listarticles action.
11405 CVE-2010-3464 352 1 CSRF 2010-09-17 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/manager_users.class.php in SantaFox 2.02, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests, as demonstrated by adding administrative users via the save_admin action to admin/index.php.
11406 CVE-2010-3449 352 CSRF 2010-12-06 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
11407 CVE-2010-3437 189 1 DoS +Info 2010-10-04 2012-03-19
6.6
None Local Low Not required Complete None Complete
Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and system crash) via a crafted index value in a PKT_CTRL_CMD_STATUS ioctl call.
11408 CVE-2010-3433 264 Exec Code +Priv 2010-10-06 2017-09-18
6.0
User Remote Medium Single system Partial Partial Partial
The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447.
11409 CVE-2010-3429 94 Exec Code 2010-09-30 2018-10-10
6.8
None Remote Medium Not required Partial Partial Partial
flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset dereference vulnerability."
11410 CVE-2010-3405 119 Overflow +Priv 2010-09-16 2018-11-28
6.8
None Local Low Single system Complete Complete Complete
Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.
11411 CVE-2010-3394 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11412 CVE-2010-3393 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11413 CVE-2010-3389 +Priv 2010-10-20 2012-02-01
6.9
None Local Medium Not required Complete Complete Complete
The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or cluster-agents) 1.0.3 in Linux-HA place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11414 CVE-2010-3387 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
** DISPUTED ** vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: a third party disputes this issue because the script erroneously uses a semicolon in a context where a colon was intended.
11415 CVE-2010-3386 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11416 CVE-2010-3385 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11417 CVE-2010-3384 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1.3.1 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11418 CVE-2010-3383 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11419 CVE-2010-3382 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11420 CVE-2010-3381 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11421 CVE-2010-3380 +Priv 2010-09-29 2010-09-30
6.9
None Local Medium Not required Complete Complete Complete
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11422 CVE-2010-3378 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11423 CVE-2010-3377 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1.3 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11424 CVE-2010-3376 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11425 CVE-2010-3374 +Priv 2010-10-04 2010-10-05
6.9
None Local Medium Not required Complete Complete Complete
Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11426 CVE-2010-3372 +Priv 2010-12-08 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allows local users to gain privileges via vectors related to the LD_LIBRARY_PATH environment variable. NOTE: some of these details are obtained from third party information.
11427 CVE-2010-3369 +Priv 2010-10-20 2010-12-14
6.9
None Local Medium Not required Complete Complete Complete
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11428 CVE-2010-3366 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11429 CVE-2010-3365 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11430 CVE-2010-3364 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11431 CVE-2010-3363 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11432 CVE-2010-3362 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11433 CVE-2010-3361 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11434 CVE-2010-3360 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11435 CVE-2010-3358 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11436 CVE-2010-3357 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11437 CVE-2010-3355 +Priv 2010-10-20 2010-10-22
6.9
None Local Medium Not required Complete Complete Complete
Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11438 CVE-2010-3354 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11439 CVE-2010-3353 +Priv 2010-10-20 2010-10-21
6.9
None Local Medium Not required Complete Complete Complete
Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11440 CVE-2010-3351 +Priv 2010-10-20 2011-09-14
6.9
None Local Medium Not required Complete Complete Complete
startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11441 CVE-2010-3350 20 +Priv 2010-10-20 2017-08-16
6.9
None Local Medium Not required Complete Complete Complete
bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11442 CVE-2010-3349 +Priv 2010-10-20 2010-11-03
6.9
None Local Medium Not required Complete Complete Complete
Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
11443 CVE-2010-3322 264 +Priv +Info 2010-09-14 2010-09-14
6.0
User Remote Medium Single system Partial Partial Partial
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
11444 CVE-2010-3320 20 2010-09-13 2010-09-14
6.8
None Remote Medium Not required Partial Partial Partial
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
11445 CVE-2010-3315 16 Bypass 2010-10-04 2017-09-18
6.0
None Remote Medium Single system Partial Partial Partial
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
11446 CVE-2010-3308 94 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long cisco_banner (aka server_banner) field.
11447 CVE-2010-3304 264 2010-09-24 2011-02-12
6.4
None Remote Low Not required Partial Partial None
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs.
11448 CVE-2010-3302 119 DoS Exec Code Overflow 2010-10-05 2010-12-07
6.5
None Remote Low Single system Partial Partial Partial
Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) cisco_dns_info or (2) cisco_domain_info data in a packet.
11449 CVE-2010-3290 +Priv 2010-10-23 2017-08-16
6.5
None Remote Low Single system Partial Partial Partial
Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
11450 CVE-2010-3288 352 CSRF 2010-10-23 2010-11-11
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.