|
303931
|
- |
|
linux-pam
|
linux-pam
|
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by…
|
NVD-CWE-Other
|
CVE-2010-4708
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303932
|
- |
|
linux-pam
|
linux-pam
|
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to caus…
|
CWE-399
Resource Management Errors
|
CVE-2010-4707
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303933
|
- |
|
linux-pam
|
linux-pam
|
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might all…
|
NVD-CWE-Other
|
CVE-2010-4706
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303934
|
- |
|
ffmpeg
|
ffmpeg
|
Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to …
|
CWE-189
Numeric Errors
|
CVE-2010-4705
|
2024-11-21 10:21 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303935
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor…
|
CWE-20
Improper Input Validation
|
CVE-2010-4704
|
2024-11-21 10:21 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303936
|
- |
|
hotwebscripts
|
hotweb_rentals
|
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2010-4703
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303937
|
- |
|
fxwebdesign
|
com_jradio
|
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4702
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303938
|
- |
|
microsoft
|
windows_2003_server
windows_xp
windows_7
|
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Ed…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4701
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303939
|
- |
|
oracle
|
sun_convergence
|
Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.
|
NVD-CWE-noinfo
|
CVE-2010-4464
|
2024-11-21 10:21 |
2011-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303940
|
- |
|
php
|
php
|
The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, does not properly interact with use of the mysqli_fetch_assoc function, which might make it easier for…
|
CWE-89
SQL Injection
|
CVE-2010-4700
|
2024-11-21 10:21 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
