|
309031
|
- |
|
libvirt
|
libvirt
|
Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspeci…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2239
|
2024-11-21 10:16 |
2010-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309032
|
- |
|
libvirt
|
libvirt
|
Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary fil…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2238
|
2024-11-21 10:16 |
2010-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309033
|
- |
|
libvirt
|
libvirt
|
Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the user-defined main disk format, which might allow guest OS users to read arbitrary files on the hos…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2237
|
2024-11-21 10:16 |
2010-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309034
|
- |
|
redhat
|
directory_server
|
The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8.2 use world-readable permissions when creating cache files, which allows local users to obtain sens…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2241
|
2024-11-21 10:16 |
2010-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309035
|
- |
|
opera
|
opera_browser
|
Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently…
|
CWE-94
Code Injection
|
CVE-2010-2576
|
2024-11-21 10:16 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309036
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbitrary SQL commands via the title parameter to (1) storyrss.php or (2) story.php.
|
CWE-89
SQL Injection
|
CVE-2010-2577
|
2024-11-21 10:16 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309037
|
- |
|
microsoft
|
windows_xp
windows_server_2003
windows_2003_server
|
The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows Server 2003 SP2, does not properly validate certificate request messages from TLS and SSL servers, …
|
CWE-20
Improper Input Validation
|
CVE-2010-2566
|
2024-11-21 10:16 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309038
|
- |
|
microsoft
|
windows_movie_maker
|
Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file,…
|
CWE-94
Code Injection
|
CVE-2010-2564
|
2024-11-21 10:16 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309039
|
- |
|
microsoft
|
open_xml_file_format_converter
office
excel
|
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to ex…
|
CWE-94
Code Injection
|
CVE-2010-2562
|
2024-11-21 10:16 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309040
|
- |
|
microsoft
|
xml_core_services
|
Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cra…
|
CWE-94
Code Injection
|
CVE-2010-2561
|
2024-11-21 10:16 |
2010-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
