| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-0449 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-02-01 |
2020-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document. |
|
2 |
CVE-2012-0444 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2012-02-01 |
2020-08-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file. |
|
3 |
CVE-2012-0442 |
|
|
DoS Exec Code Mem. Corr. |
2012-02-01 |
2020-08-28 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. |
|
4 |
CVE-2012-0053 |
|
|
+Info |
2012-01-28 |
2022-09-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script. |
|
5 |
CVE-2012-0031 |
|
|
DoS |
2012-01-18 |
2022-09-14 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function. |
|
6 |
CVE-2011-4900 |
200 |
|
+Info |
2019-11-06 |
2019-11-07 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
TYPO3 before 4.5.4 allows Information Disclosure in the backend. |
|
7 |
CVE-2011-4862 |
120 |
1
|
Exec Code Overflow |
2011-12-25 |
2021-02-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011. |
|
8 |
CVE-2011-4566 |
189 |
|
DoS Overflow |
2011-11-29 |
2022-08-29 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708. |
|
9 |
CVE-2011-4362 |
|
1
|
DoS |
2011-12-24 |
2021-03-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. |
|
10 |
CVE-2011-4361 |
276 |
|
+Info |
2012-01-08 |
2021-04-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
MediaWiki before 1.17.1 does not check for read permission before handling action=ajax requests, which allows remote attackers to obtain sensitive information by (1) leveraging the SpecialUpload::ajaxGetExistsWarning function, or by (2) leveraging an extension, as demonstrated by the CategoryTree, ExtTab, and InlineEditor extensions. |
|
11 |
CVE-2011-4360 |
200 |
|
+Info |
2012-01-08 |
2021-04-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages via a series of requests involving the (1) curid or (2) oldid parameter. |
|
12 |
CVE-2011-3919 |
787 |
|
DoS Overflow |
2012-01-07 |
2020-05-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in libxml2, as used in Google Chrome before 16.0.912.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. |
|
13 |
CVE-2011-3905 |
125 |
|
DoS |
2011-12-13 |
2020-05-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
libxml2, as used in Google Chrome before 16.0.912.63, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors. |
|
14 |
CVE-2011-3389 |
326 |
|
|
2011-09-06 |
2022-11-29 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. |
|
15 |
CVE-2011-2834 |
415 |
|
DoS |
2011-09-19 |
2020-05-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Double free vulnerability in libxml2, as used in Google Chrome before 14.0.835.163, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. |
|
16 |
CVE-2011-2821 |
415 |
|
DoS |
2011-08-29 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Double free vulnerability in libxml2, as used in Google Chrome before 13.0.782.215, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression. |
|
17 |
CVE-2011-2766 |
287 |
|
Bypass |
2011-09-23 |
2020-12-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. |
|
18 |
CVE-2011-2749 |
20 |
|
DoS |
2011-08-15 |
2020-04-01 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet. |
|
19 |
CVE-2011-2748 |
20 |
|
DoS |
2011-08-15 |
2020-01-08 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet. |
|
20 |
CVE-2011-2694 |
79 |
|
XSS |
2011-07-29 |
2022-10-31 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). |
|
21 |
CVE-2011-2692 |
119 |
|
DoS Overflow Mem. Corr. |
2011-07-17 |
2023-02-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The png_handle_sCAL function in pngrutil.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory. |
|
22 |
CVE-2011-2691 |
476 |
|
DoS |
2011-07-17 |
2023-02-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image. |
|
23 |
CVE-2011-2690 |
120 |
|
Overflow |
2011-07-17 |
2020-08-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image. |
|
24 |
CVE-2011-2688 |
89 |
|
Exec Code Sql |
2011-07-28 |
2020-11-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field. |
|
25 |
CVE-2011-2522 |
352 |
1
|
CSRF |
2011-07-29 |
2022-08-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allow remote attackers to hijack the authentication of administrators for requests that (1) shut down daemons, (2) start daemons, (3) add shares, (4) remove shares, (5) add printers, (6) remove printers, (7) add user accounts, or (8) remove user accounts, as demonstrated by certain start, stop, and restart parameters to the status program. |
|
26 |
CVE-2011-2501 |
125 |
|
DoS |
2011-07-17 |
2020-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The png_format_buffer function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression. NOTE: this is called an off-by-one error by some sources. |
|
27 |
CVE-2011-2192 |
255 |
|
|
2011-07-07 |
2020-05-27 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. |
|
28 |
CVE-2011-2189 |
400 |
|
DoS |
2011-10-10 |
2023-02-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
net/core/net_namespace.c in the Linux kernel 2.6.32 and earlier does not properly handle a high rate of creation and cleanup of network namespaces, which makes it easier for remote attackers to cause a denial of service (memory consumption) via requests to a daemon that requires a separate namespace per connection, as demonstrated by vsftpd. |
|
29 |
CVE-2011-1783 |
|
|
DoS |
2011-06-06 |
2020-10-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x and 1.6.x before 1.6.17, when the SVNPathAuthz short_circuit option is enabled, allows remote attackers to cause a denial of service (infinite loop and memory consumption) in opportunistic circumstances by requesting data. |
|
30 |
CVE-2011-1752 |
476 |
|
DoS |
2011-06-06 |
2020-10-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.17, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request for a baselined WebDAV resource, as exploited in the wild in May 2011. |
|
31 |
CVE-2011-1526 |
269 |
|
Bypass |
2011-07-11 |
2021-02-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script. |
|
32 |
CVE-2011-1176 |
|
|
+Priv |
2011-03-29 |
2020-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module 2.2.11-01 and 2.2.11-02 for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process. |
|
33 |
CVE-2011-0997 |
20 |
|
Exec Code |
2011-04-08 |
2020-04-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message, as demonstrated by a hostname that is provided to dhclient-script. |
|
34 |
CVE-2011-0762 |
400 |
1
|
DoS |
2011-03-02 |
2021-03-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632. |
|
35 |
CVE-2011-0419 |
770 |
|
DoS |
2011-05-16 |
2022-09-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd. |
|
36 |
CVE-2010-4494 |
415 |
|
DoS |
2010-12-07 |
2020-07-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.552.215 and other products, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling. |
|
37 |
CVE-2010-4253 |
787 |
|
DoS Exec Code Overflow |
2011-01-28 |
2023-02-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document. |
|
38 |
CVE-2010-4180 |
|
|
|
2010-12-06 |
2022-08-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier. |
|
39 |
CVE-2010-4164 |
191 |
|
DoS |
2011-01-03 |
2023-02-13 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via malformed X.25 (1) X25_FAC_CLASS_A, (2) X25_FAC_CLASS_B, (3) X25_FAC_CLASS_C, or (4) X25_FAC_CLASS_D facility data, a different vulnerability than CVE-2010-3873. |
|
40 |
CVE-2010-4083 |
909 |
|
+Info |
2010-11-30 |
2020-08-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call. |
|
41 |
CVE-2010-4081 |
909 |
|
+Info |
2010-11-30 |
2020-08-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. |
|
42 |
CVE-2010-4080 |
200 |
|
+Info |
2010-11-30 |
2020-08-12 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. |
|
43 |
CVE-2010-4079 |
200 |
|
+Info |
2010-11-29 |
2020-08-12 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. |
|
44 |
CVE-2010-4078 |
909 |
|
+Info |
2010-11-29 |
2020-08-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. |
|
45 |
CVE-2010-4074 |
200 |
|
+Info |
2010-11-29 |
2020-08-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. |
|
46 |
CVE-2010-4073 |
200 |
|
+Info |
2010-11-29 |
2020-08-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. |
|
47 |
CVE-2010-4072 |
200 |
|
+Info |
2010-11-29 |
2020-08-14 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." |
|
48 |
CVE-2010-4008 |
119 |
|
DoS Overflow |
2010-11-17 |
2020-06-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document. |
|
49 |
CVE-2010-3880 |
835 |
|
DoS |
2010-12-10 |
2023-02-13 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DIAG_REQ_BYTECODE instructions in a netlink message that contains multiple attribute elements, as demonstrated by INET_DIAG_BC_JMP instructions. |
|
50 |
CVE-2010-3877 |
909 |
|
+Info |
2011-01-03 |
2023-02-13 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. |
