|
310251
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x before 3.6.4; and 4.0.x before 4.0rc2 does not properly generate random values for cookies and tokens, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4568
|
2024-11-21 10:21 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310252
|
- |
|
mozilla
|
bugzilla
|
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not properly handle whitespace preceding a (1) javascript: or (2) data: URI, which allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4567
|
2024-11-21 10:21 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310253
|
- |
|
linux-pam
|
linux-pam
|
The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a user's home directory, which might allow local users to run programs with an unintended environment by…
|
NVD-CWE-Other
|
CVE-2010-4708
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310254
|
- |
|
linux-pam
|
linux-pam
|
The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not verify that a certain ACL file is a regular file, which might allow local users to caus…
|
CWE-399
Resource Management Errors
|
CVE-2010-4707
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310255
|
- |
|
linux-pam
|
linux-pam
|
The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid, which might all…
|
NVD-CWE-Other
|
CVE-2010-4706
|
2024-11-21 10:21 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310256
|
- |
|
ffmpeg
|
ffmpeg
|
Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to …
|
CWE-189
Numeric Errors
|
CVE-2010-4705
|
2024-11-21 10:21 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310257
|
- |
|
ffmpeg
|
ffmpeg
|
libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor…
|
CWE-20
Improper Input Validation
|
CVE-2010-4704
|
2024-11-21 10:21 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310258
|
- |
|
hotwebscripts
|
hotweb_rentals
|
SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers to execute arbitrary SQL commands via the PageId parameter. NOTE: the provenance of this informatio…
|
CWE-89
SQL Injection
|
CVE-2010-4703
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310259
|
- |
|
fxwebdesign
|
com_jradio
|
SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-4702
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310260
|
- |
|
microsoft
|
windows_2003_server
windows_xp
windows_7
|
Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows Fax Services Cover Page Editor 5.2 r2 in Windows XP Professional SP3, Server 2003 R2 Enterprise Ed…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4701
|
2024-11-21 10:21 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
