CVE & Exploit Intelligence Database

CVE-2009-4895 4.7 MEDIUM EPSS 0.00

Race condition in the tty_fasync function in drivers/char/tty_io.c in the Linux kernel before 2.6.32.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via unknown vectors, related to the put_tty_queue and __f_setown functions. NOTE: the vulnerability was addressed in a different way in 2.6.32.9.

CWE-362 Sep 08, 2010

CVE-2010-2249 6.5 MEDIUM EPSS 0.02

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

CWE-401 Jun 30, 2010

CVE-2010-1637 6.5 MEDIUM EPSS 0.01

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

CWE-918 Jun 22, 2010

CVE-2010-1282 6.5 MEDIUM EPSS 0.01

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted ATOM size in a .dir (aka Director) file.

CWE-835 May 13, 2010

CVE-2010-0738 5.3 MEDIUM KEV RANSOMWARE 12 PoCs Analysis EPSS 0.91

The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.

CWE-749 Apr 28, 2010

CVE-2010-0481 5.5 MEDIUM EPSS 0.01

The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly translate a registry key's virtual path to its real path, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Virtual Path Parsing Vulnerability."

CWE-22 Apr 14, 2010

CVE-2010-0629 6.5 MEDIUM EPSS 0.02

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via a request from a kadmin client that sends an invalid API version number.

CWE-416 Apr 07, 2010

CVE-2010-0488 6.5 MEDIUM EPSS 0.16

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding strings," which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site, aka "Post Encoding Information Disclosure Vulnerability."

CWE-200 Mar 31, 2010

CVE-2009-3960 6.5 MEDIUM KEV RANSOMWARE 3 PoCs Analysis EPSS 0.89

Unspecified vulnerability in BlazeDS 3.2 and earlier, as used in LiveCycle 8.0.1, 8.2.1, and 9.0, LiveCycle Data Services 2.5.1, 2.6.1, and 3.0, Flex Data Services 2.0.1, and ColdFusion 7.0.2, 8.0, 8.0.1, and 9.0, allows remote attackers to obtain sensitive information via vectors that are associated with a request, and related to injected tags and external entity references in XML documents.

Feb 15, 2010

CVE-2010-0021 5.9 MEDIUM EPSS 0.11

Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "SMB Memory Corruption Vulnerability."

CWE-362 Feb 10, 2010

CVE-2010-0467 5.8 MEDIUM 2 PoCs Analysis NUCLEI EPSS 0.03

Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.

CWE-22 Feb 02, 2010

CVE-2009-4449 6.5 MEDIUM EPSS 0.01

Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine the existence of files via directory traversal sequences in the avatar and possibly the gallery parameters, related to (1) admin/modules/user/users.php and (2) usercp.php.

CWE-22 Dec 29, 2009

CVE-2009-3897 5.5 MEDIUM EPSS 0.00

Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base_dir directory, and possibly the base_dir directory itself.

CWE-732 Nov 24, 2009

CVE-2009-4053 6.5 MEDIUM 1 PoC Analysis EPSS 0.04

Multiple directory traversal vulnerabilities in Home FTP Server 1.10.1.139 allow remote authenticated users to (1) create arbitrary directories via directory traversal sequences in an MKD command or (2) create files with any contents in arbitrary directories via directory traversal sequences in a file upload request. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CWE-22 Nov 23, 2009

CVE-2009-3621 5.5 MEDIUM 1 PoC Analysis EPSS 0.00

net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket.

CWE-400 Oct 22, 2009

CVE-2009-3278 5.5 MEDIUM EPSS 0.00

The QNAP TS-239 Pro and TS-639 Pro with firmware 2.1.7 0613, 3.1.0 0627, and 3.1.1 0815 use the rand library function to generate a certain recovery key, which makes it easier for local users to determine this key via a brute-force attack.

CWE-338 Sep 21, 2009

CVE-2009-3238 5.5 MEDIUM EPSS 0.00

The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via vectors that leverage the function's tendency to "return the same value over and over again for long stretches of time."

CWE-338 Sep 18, 2009

CVE-2009-3022 6.5 MEDIUM EPSS 0.00

Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors.

CWE-352 Aug 31, 2009

CVE-2009-2857 5.5 MEDIUM EPSS 0.00

The kernel in Sun Solaris 8, 9, and 10, and OpenSolaris before snv_103, does not properly handle interaction between the filesystem and virtual-memory implementations, which allows local users to cause a denial of service (deadlock and system halt) via vectors involving mmap and write operations on the same file.

CWE-667 Aug 19, 2009

CVE-2009-2055 5.9 MEDIUM KEV EPSS 0.00

Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009.

CWE-20 Aug 19, 2009