|
302901
|
- |
|
isc
|
bind
|
named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attackers to make successful requests for private DNS records via the standard DNS quer…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3615
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302902
|
- |
|
isc
|
bind
|
named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY a…
|
CWE-20
Improper Input Validation
|
CVE-2010-3614
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302903
|
- |
|
isc
|
bind
|
named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3613
|
2024-11-21 10:19 |
2010-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302904
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2010-3858
|
2024-11-21 10:19 |
2010-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302905
|
- |
|
vtiger
|
vtiger_crm
|
Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM before 5.2.1 allow remote attackers to inject arbitrary web script or HTML via (1) the username (aka default_user_name) field or (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3911
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302906
|
- |
|
vtiger
|
vtiger_crm
|
Multiple directory traversal vulnerabilities in the return_application_language function in include/utils/utils.php in vtiger CRM before 5.2.1 allow remote attackers to include and execute arbitrary …
|
CWE-22
Path Traversal
|
CVE-2010-3910
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302907
|
- |
|
vtiger
|
vtiger_crm
|
Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows remote authenticated users to execute arbitrary code by using the draft save feature in the Compose Mail co…
|
CWE-94
Code Injection
|
CVE-2010-3909
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302908
|
- |
|
freetype
|
freetype
|
Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execut…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3855
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302909
|
- |
|
apple
|
iphone_os
|
Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3832
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302910
|
- |
|
apple
|
iphone_os
|
Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a …
|
CWE-200
Information Exposure
|
CVE-2010-3831
|
2024-11-21 10:19 |
2010-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
