CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2010(Gain Privilege) (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-4398 119 1 Overflow +Priv Bypass 2010-12-06 2018-10-12
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (UAC) feature, via a crafted REG_BINARY value for a SystemDefaultEUDCFont registry key, aka "Driver Improper Interaction with Windows Kernel Vulnerability."
2 CVE-2010-4297 20 +Priv 2010-12-06 2018-10-10
7.2
None Local Low Not required Complete Complete Complete
The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue.
3 CVE-2010-4296 264 +Priv 2010-12-06 2018-10-10
7.2
None Local Low Not required Complete Complete Complete
vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files.
4 CVE-2010-4170 264 1 +Priv 2010-12-07 2019-04-19
7.2
None Local Low Not required Complete Complete Complete
The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.
5 CVE-2010-4115 255 +Priv 2010-12-17 2018-10-10
9.0
None Remote Low ??? Complete Complete Complete
HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges.
6 CVE-2010-4031 +Priv 2010-11-02 2017-08-17
8.0
None Remote Low ??? Partial Complete Partial
Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
7 CVE-2010-3992 +Priv 2010-10-28 2010-11-11
9.0
None Remote Low ??? Complete Complete Complete
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
8 CVE-2010-3983 264 +Priv 2010-10-18 2010-11-03
9.0
None Remote Low ??? Complete Complete Complete
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
9 CVE-2010-3967 +Priv 2010-12-16 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Movie Maker (MSWMM) file, aka "Insecure Library Loading Vulnerability."
10 CVE-2010-3966 +Priv 2010-12-16 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains an EML file, an RSS file, or a WPOST file, aka "BranchCache Insecure Library Loading Vulnerability."
11 CVE-2010-3965 +Priv 2010-12-16 2019-02-26
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Windows Media Profile (PRX) file, aka "Insecure Library Loading Vulnerability."
12 CVE-2010-3963 119 Overflow +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, related to the Routing and Remote Access service (RRAS) and improper copying from user mode to the kernel, aka "Kernel NDProxy Buffer Overflow Vulnerability."
13 CVE-2010-3961 264 +Priv 2010-12-16 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows local users with SeImpersonatePrivilege rights to gain privileges via a crafted application, aka "Consent UI Impersonation Vulnerability."
14 CVE-2010-3956 94 +Priv 2010-12-16 2019-02-26
9.3
None Remote Medium Not required Complete Complete Complete
The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform array indexing, which allows local users to gain privileges via a crafted OpenType font, aka "OpenType Font Index Vulnerability."
15 CVE-2010-3944 20 +Priv Mem. Corr. 2010-12-16 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted application, aka "Win32k Memory Corruption Vulnerability."
16 CVE-2010-3943 264 +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly link driver objects, which allows local users to gain privileges via a crafted application that triggers linked-list corruption, aka "Win32k Cursor Linking Vulnerability."
17 CVE-2010-3942 119 Overflow +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly allocate memory for copies from user mode, which allows local users to gain privileges via a crafted application, aka "Win32k WriteAV Vulnerability."
18 CVE-2010-3941 399 +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k Double Free Vulnerability."
19 CVE-2010-3940 399 +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a crafted application, aka "Win32k PFE Pointer Double Free Vulnerability."
20 CVE-2010-3939 119 Overflow +Priv 2010-12-16 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via vectors related to improper memory allocation for copies from user mode, aka "Win32k Buffer Overflow Vulnerability."
21 CVE-2010-3905 287 +Priv 2010-12-22 2017-08-17
7.5
None Remote Low Not required Partial Partial Partial
The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote attackers to gain privileges by sending password reset requests for other users.
22 CVE-2010-3904 20 +Priv 2010-12-06 2020-08-14
7.2
None Local Low Not required Complete Complete Complete
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.
23 CVE-2010-3895 264 1 +Priv 2010-11-12 2018-10-10
7.2
None Local Low Not required Complete Complete Complete
esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by specifying an arbitrary command name as the first argument.
24 CVE-2010-3889 +Priv 2010-10-08 2018-08-13
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Microsoft researchers and other researchers.
25 CVE-2010-3888 +Priv 2010-10-08 2010-10-11
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified by Kaspersky Lab researchers and other researchers.
26 CVE-2010-3830 264 +Priv 2010-11-26 2017-08-17
7.2
None Local Low Not required Complete Complete Complete
Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors.
27 CVE-2010-3733 264 +Priv 2010-10-05 2017-09-19
7.2
None Local Low Not required Complete Complete Complete
The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file.
28 CVE-2010-3483 264 2 +Priv XSS 2010-09-22 2010-09-23
7.5
None Remote Low Not required Partial Partial Partial
cms_write.php in Primitive CMS 1.0.9 does not properly restrict access, which allows remote attackers to gain administrative privileges via a direct request. NOTE: this vulnerability can be leveraged to conduct cross-site scripting attacks, as demonstrated using the (1) title, (2) content, and (3) menutitle parameters.
29 CVE-2010-3338 20 +Priv 2010-12-16 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.
30 CVE-2010-3337 +Priv 2010-11-10 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading Vulnerability." NOTE: this might overlap CVE-2010-3141 and CVE-2010-3142.
31 CVE-2010-3301 269 +Priv 2010-09-22 2020-08-14
7.2
None Local Low Not required Complete Complete Complete
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression.
32 CVE-2010-3222 119 Overflow +Priv 2010-10-13 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted LPC message that requests an LRPC connection from an LPC server to a client, aka "LPC Message Buffer Overrun Vulnerability."
33 CVE-2010-3190 426 +Priv 2010-08-31 2020-11-16
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Visual Studio .NET 2003 SP1; Visual Studio 2005 SP1, 2008 SP1, and 2010; Visual C++ 2005 SP1, 2008 SP1, and 2010; and Exchange Server 2010 Service Pack 3, 2013, and 2013 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory during execution of an MFC application such as AtlTraceTool8.exe (aka ATL MFC Trace Tool), as demonstrated by a directory that contains a TRC, cur, rs, rct, or res file, aka "MFC Insecure Library Loading Vulnerability."
34 CVE-2010-3148 1 +Priv 2010-08-27 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading Vulnerability."
35 CVE-2010-3147 1 +Priv 2010-08-27 2019-02-26
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges via a Trojan horse wab32res.dll file in the current working directory, as demonstrated by a directory that contains a Windows Address Book (WAB), VCF (aka vCard), or P7C file, aka "Insecure Library Loading Vulnerability." NOTE: the codebase for this product may overlap the codebase for the product referenced in CVE-2010-3143.
36 CVE-2010-3146 1 +Priv 2010-08-27 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gain privileges via a Trojan horse (1) mso.dll or (2) GroovePerfmon.dll file in the current working directory, as demonstrated by a directory that contains a Groove vCard (.vcg) or Groove Tool Archive (.gta) file, aka "Microsoft Groove Insecure Library Loading Vulnerability."
37 CVE-2010-3145 1 +Priv 2010-08-27 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in Backup Manager in Microsoft Windows Vista SP1 and SP2, allows local users to gain privileges via a Trojan horse fveapi.dll file in the current working directory, as demonstrated by a directory that contains a Windows Backup Catalog (.wbcat) file, aka "Backup Manager Insecure Library Loading Vulnerability."
38 CVE-2010-3144 1 +Priv 2010-08-27 2019-02-26
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a Trojan horse smmscrpt.dll file in the current working directory, as demonstrated by a directory that contains an ISP or INS file, aka "Internet Connection Signup Wizard Insecure Library Loading Vulnerability."
39 CVE-2010-3138 2 +Priv 2010-08-27 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 allows local users to gain privileges via a Trojan horse iacenc.dll file in the current working directory, as demonstrated by access through BS.Player or Media Player Classic to a directory that contains a .avi, .mka, .ra, or .ram file, aka "Indeo Codec Insecure Library Loading Vulnerability." NOTE: some of these details are obtained from third party information.
40 CVE-2010-3110 119 Overflow +Priv 2010-10-12 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.
41 CVE-2010-3081 119 Overflow +Priv 2010-09-24 2020-08-11
7.2
None Local Low Not required Complete Complete Complete
The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the userspace memory required for the 32-bit compatibility layer, which allows local users to gain privileges by leveraging the ability of the compat_mc_getsockopt function (aka the MCAST_MSFILTER getsockopt support) to control a certain length value, related to a "stack pointer underflow" issue, as exploited in the wild in September 2010.
42 CVE-2010-3009 +Priv +Info 2010-09-15 2019-10-09
9.0
None Remote Low ??? Complete Complete Complete
Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors.
43 CVE-2010-3008 DoS +Priv 2010-09-13 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.
44 CVE-2010-3007 DoS +Priv 2010-09-09 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.
45 CVE-2010-2962 20 +Priv 2010-11-26 2020-08-14
7.2
None Local Low Not required Complete Complete Complete
drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.
46 CVE-2010-2944 287 +Priv 2010-08-20 2010-08-23
7.5
None Remote Low Not required Partial Partial Partial
The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges.
47 CVE-2010-2930 119 Overflow +Priv 2010-08-02 2017-08-17
7.2
None Local Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in hsolinkcontrol in hsolink 1.0.118 allow local users to gain privileges via long command-line arguments, a different vulnerability than CVE-2010-1671. NOTE: some of these details are obtained from third party information.
48 CVE-2010-2929 264 +Priv 2010-08-02 2017-08-17
7.2
None Local Low Not required Complete Complete Complete
Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via a modified PATH environment variable, which is used during execution of the (1) route, (2) mv, and (3) cp programs, a different vulnerability than CVE-2010-1671.
49 CVE-2010-2887 +Priv 2010-10-06 2017-09-19
9.3
None Remote Medium Not required Complete Complete Complete
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors.
50 CVE-2010-2744 264 1 +Priv 2010-10-13 2019-02-26
7.2
None Local Low Not required Complete Complete Complete
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 do not properly manage a window class, which allows local users to gain privileges by creating a window, then using (1) the SetWindowLongPtr function to modify the popup menu structure, or (2) the SwitchWndProc function with a switch window information pointer, which is not re-initialized when a WM_NCCREATE message is processed, aka "Win32k Window Class Vulnerability."
Total number of vulnerabilities : 99   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.