|
301161
|
- |
|
redhat
|
icedtea
|
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive infor…
|
CWE-200
Information Exposure
|
CVE-2010-3860
|
2024-11-21 10:19 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301162
|
- |
|
citrix
|
xen
|
The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread leak, which prevents the device and guest OS from being shut down or create a zombie domain, cause…
|
CWE-399
Resource Management Errors
|
CVE-2010-3699
|
2024-11-21 10:19 |
2010-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301163
|
- |
|
isc
|
bind
|
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS quer…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3615
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301164
|
- |
|
isc
|
bind
|
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY a…
|
CWE-20
Improper Input Validation
|
CVE-2010-3614
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301165
|
- |
|
isc
|
bind
|
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3613
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301166
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2010-3858
|
2024-11-21 10:19 |
2010-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301167
|
- |
|
vtiger
|
vtiger_crm
|
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the username (aka default_user_name) field or (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3911
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301168
|
- |
|
vtiger
|
vtiger_crm
|
Multiple directory traversal vulnerabilities in the return_application_language function in include/utils/utils.php in vtiger CRM before 5.2.1 allow remote attackers to include and execute arbitrary …
|
CWE-22
Path Traversal
|
CVE-2010-3910
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301169
|
- |
|
vtiger
|
vtiger_crm
|
Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows remote authenticated users to execute arbitrary code by using the draft save feature in the Compose Mail co…
|
CWE-94
Code Injection
|
CVE-2010-3909
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301170
|
- |
|
freetype
|
freetype
|
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execut…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3855
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
