259591
|
- |
|
cstr
|
festival
|
festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gai…
|
NVD-CWE-Other
|
CVE-2010-3996
|
2011-01-14 15:47 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259592
|
- |
|
squid-cache
|
squid
|
The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a …
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259593
|
- |
|
squid-cache
|
squid
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2010-3072
|
2011-01-14 15:46 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259594
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users …
|
CWE-310
Cryptographic Issues
|
CVE-2010-3073
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259595
|
- |
|
arg0
|
encfs
|
SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher mode for encrypted filesystems, which allows local users to obtain sensitive information via a wate…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3074
|
2011-01-14 15:46 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259596
|
- |
|
linux-ipv6
|
umip
|
The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2522
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259597
|
- |
|
linux-ipv6
|
umip
|
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2523
|
2011-01-14 15:45 |
2010-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259598
|
- |
|
opera
|
opera_browser
|
Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact …
|
NVD-CWE-Other
|
CVE-2010-4587
|
2011-01-12 15:54 |
2010-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259599
|
- |
|
sixapart
|
movabletype
|
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3921
|
2011-01-12 15:53 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259600
|
- |
|
sixapart
|
movabletype
|
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-3922
|
2011-01-12 15:53 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|