CVSS: 6.8EPSS: 0%CPEs: 75EXPL: 0CVE-2010-2594
https://notcve.org/view.php?id=CVE-2010-2594
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port. Múltiples vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en la interfaz de gestión Web de InterSect Alliance Snare Agent v3.2.3 y anteriores en Solaris, Snare Agent v3.1.7 y anteriores en Windows, Snare Agent v1.5.0 y anteriores en Linux y AIX, Snare Agent v1.4 y anteriores en IRIX, Snare Epilog v1.5.3 y anteriores en Windows, y Snare Epilog v1.2 y anteriores en UNIX permiten a atacantes remotos secuestrar la autenticación de los administradores para solicitudes que (1) modifiquen la contraseña o (2) cambien el puerto de escucha. • http://holisticinfosec.org/content/view/144/45 http://secunia.com/advisories/39562 http://www.kb.cert.org/vuls/id/173009 http://www.securityfocus.com/bid/41226 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 97%CPEs: 6EXPL: 5CVE-2010-1885 – Microsoft Help Center - Cross-Site Scripting / Command Execution (MS10-042)
https://notcve.org/view.php?id=CVE-2010-1885
The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (fromHCP option) and execute arbitrary commands via a crafted hcp:// URL, aka "Help Center URL Validation Vulnerability." La función MPC::HexToNum en el fichero Helpctr.exe de la Ayuda de Microsoft Windows y soporte técnico en Windows XP y Windows Server 2003 no controla correctamente las secuencias de escape con formato incorrecto, lo que permite a atacantes remotos eludir la lista blanca de documentos de confianza (La opción fromHCP) y ejecutar comandos de su elección a través de una URL hcp:// debidamente modificada. • https://www.exploit-db.com/exploits/16545 https://www.exploit-db.com/exploits/13808 http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx http://secunia.com/advisories/40076 http://www.exploit-db.com/exploits/13808 http://www.kb.cert.org/vuls/id/578319&# • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 6%CPEs: 6EXPL: 3CVE-2010-2265 – Microsoft Help and Support Center - '/sysinfo/sysinfomain.htm' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2265
Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in Microsoft Windows Help and Support Center for Windows XP and Windows Server 2003 allows remote attackers to inject arbitrary web script or HTML via the svr parameter to sysinfo/sysinfomain.htm. NOTE: this can be leveraged with CVE-2010-1885 to execute arbitrary commands without user interaction. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en la función GetServerName en sysinfo/commonFunc.js de Microsoft Windows Help and Support Center para Windows XP y Windows Server 2003 permite a atacantes remotos inyectar código web o HTML de su elección a través del parámetro "svr" de sysinfo/sysinfomain.htm. NOTA: esto puede ser aprovechado con CVE-2010-1885 para ejecutar comandos a elección del atacante sin la interacción del usuario. • https://www.exploit-db.com/exploits/34126 http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0197.html http://blogs.technet.com/b/msrc/archive/2010/06/10/windows-help-vulnerability-disclosure.aspx http://blogs.technet.com/b/srd/archive/2010/06/10/help-and-support-center-vulnerability-full-disclosure-posting.aspx http://secunia.com/advisories/40076 http://www.kb.cert.org/vuls/id/578319 http://www.microsoft.com/technet/security/advisory/2219475.mspx http://www.securityfocus. • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 17EXPL: 0CVE-2010-0484
https://notcve.org/view.php?id=CVE-2010-0484
The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2 "do not properly validate changes in certain kernel objects," which allows local users to execute arbitrary code via vectors related to Device Contexts (DC) and the GetDCEx function, aka "Win32k Improper Data Validation Vulnerability." Los controladores de modo kernel de Windows en win32k.sys en Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista SP1 y SP2, y Server 2008 Gold y SP2 de Microsoft "do not properly validate changes in certain kernel objects", lo que permite a los usuarios locales ejecutar código arbitrario por medio de vectores relacionados con Contextos de Dispositivo (DC) y la función GetDCEx, también se conoce como "Win32k Improper Data Validation Vulnerability" • http://www.opera.com/support/kb/view/954 http://www.securityfocus.com/archive/1/511769/100/0/threaded http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-032 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7609 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 81%CPEs: 16EXPL: 0CVE-2010-0811
https://notcve.org/view.php?id=CVE-2010-0811
Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via unknown vectors that "corrupt the system state," aka "Microsoft Internet Explorer 8 Developer Tools Vulnerability." Vulnerabilidad sin especificar en el control ActiveX Developer Tools de Microsoft Internet Explorer v8 en Microsoft Windows 2000 SP4, Windows XP SP2 y SP3, Windows Server 2003 SP2, Windows Vista SP1 y SP2, Windows Server 2008 y R2, y Windows 7 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos que "corrompen el estado del sistema". • http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-034 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12534 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7492 • CWE-94: Improper Control of Generation of Code ('Code Injection') •