|
287481
|
- |
|
sun
|
solaris
|
Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary files via a symlink attack on the /tmp/CLEANUP temporary file, related to use of Update Manager.
|
CWE-59
Link Following
|
CVE-2010-1183
|
2018-10-11 04:56 |
2010-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287482
|
- |
|
sap
|
maxdb
|
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to T…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1185
|
2018-10-11 04:56 |
2010-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287483
|
- |
|
sahanafoundation
|
sahana
|
Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote attackers to bypass intended access restrictions and disable administrator authentication via a direct request to…
|
CWE-287
Improper Authentication
|
CVE-2010-1191
|
2018-10-11 04:56 |
2010-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287484
|
- |
|
ca
|
xosoft_content_distribution
xosoft_high_availability
xosoft_replication
|
CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to enumerate usernames via a SOAP request.
|
CWE-287
Improper Authentication
|
CVE-2010-1221
|
2018-10-11 04:56 |
2010-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287485
|
- |
|
ca
|
xosoft_content_distribution
xosoft_high_availability
xosoft_replication
|
Per: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869
'The first vulnerability, CVE-2010-1221, occurs due to a lack of authentication. An attacker can make a SOAP request…
|
CWE-287
Improper Authentication
|
CVE-2010-1221
|
2018-10-11 04:56 |
2010-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287486
|
- |
|
ca
|
xosoft_content_distribution
xosoft_high_availability
xosoft_replication
|
CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain potentially sensitive information via a SOAP request.
|
CWE-287
Improper Authentication
|
CVE-2010-1222
|
2018-10-11 04:56 |
2010-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287487
|
- |
|
ca
|
xosoft_content_distribution
xosoft_high_availability
xosoft_replication
|
Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1223
|
2018-10-11 04:56 |
2010-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287488
|
- |
|
digium
|
asterisk
|
main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1224
|
2018-10-11 04:56 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287489
|
- |
|
sun
|
java_system_communications_express
|
Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allows remote attackers to inject arbitrary web script or HTML via the subject field of a message, as de…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1227
|
2018-10-11 04:56 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287490
|
- |
|
microsoft
|
virtual_pc
virtual_server
windows_virtual_pc
|
The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Microsoft Virtual PC 2007 Gold and SP1, Virtual Server 2005 Gold and R2 SP1, and Windows Virtual PC does…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1225
|
2018-10-11 04:56 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
