CVE-2010-3689
- EPSS 0.65%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:23:20
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
CVE-2010-4253
- EPSS 10.1%
- Veröffentlicht 28.01.2011 22:00:05
- Zuletzt bearbeitet 16.06.2026 23:24:26
Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office docu...
CVE-2011-0480
- EPSS 2.3%
- Veröffentlicht 14.01.2011 17:00:03
- Zuletzt bearbeitet 16.06.2026 23:27:28
Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service (memory corruption and application crash) or ...
CVE-2010-3848
- EPSS 0.7%
- Veröffentlicht 30.12.2010 19:00:03
- Zuletzt bearbeitet 16.06.2026 23:23:40
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.
CVE-2010-3849
- EPSS 0.72%
- Veröffentlicht 30.12.2010 19:00:03
- Zuletzt bearbeitet 16.06.2026 23:23:40
The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a sendmsg call that specifies a N...
CVE-2010-3850
- EPSS 0.8%
- Veröffentlicht 30.12.2010 19:00:03
- Zuletzt bearbeitet 16.06.2026 23:23:40
The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not require the CAP_NET_ADMIN capability, which allows local users to bypass intended access restrictions and configure econet addresses via an SIOCSIFADDR i...
CVE-2010-4344
- EPSS 71.9%
- Veröffentlicht 14.12.2010 16:00:04
- Zuletzt bearbeitet 16.06.2026 23:24:36
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that includes two MAIL commands in conjunction with a large message containing crafted hea...
CVE-2010-4345
- EPSS 17.79%
- Veröffentlicht 14.12.2010 16:00:04
- Zuletzt bearbeitet 16.06.2026 23:24:36
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands, as demonstrated by the spool_directory direct...
CVE-2010-3861
- EPSS 0.41%
- Veröffentlicht 10.12.2010 19:00:04
- Zuletzt bearbeitet 16.06.2026 23:23:42
The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command...
CVE-2010-4180
- EPSS 9.5%
- Veröffentlicht 06.12.2010 21:05:48
- Zuletzt bearbeitet 16.06.2026 23:24:18
OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an uninte...