| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-3332 | 6.4 |
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption attempts, which allows remote attackers to decrypt
|
23-11-2020 - 19:50 | 22-09-2010 - 19:00 | |
| CVE-2009-0217 | 5.0 |
The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLog
|
12-10-2018 - 21:49 | 14-07-2009 - 23:30 | |
| CVE-2010-4225 | 5.0 |
Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote attackers to obtain the source code for .aspx (ASP.NET) applications via unknown vectors related to an "unloading bug."
|
17-08-2017 - 01:33 | 11-01-2011 - 03:00 | |
| CVE-2011-0990 | 5.8 |
Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures,
|
17-08-2017 - 01:33 | 13-04-2011 - 21:55 | |
| CVE-2011-0991 | 6.8 |
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting
|
17-08-2017 - 01:33 | 13-04-2011 - 21:55 | |
| CVE-2011-0992 | 5.8 |
Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrecte
|
17-08-2017 - 01:33 | 13-04-2011 - 21:55 | |
| CVE-2011-0989 | 5.8 |
The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, an
|
17-08-2017 - 01:33 | 13-04-2011 - 21:55 | |
| CVE-2010-4254 | 7.5 |
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method ca
|
02-02-2011 - 06:59 | 06-12-2010 - 13:44 | |
| CVE-2010-3369 | 6.9 |
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the curr
|
14-12-2010 - 05:00 | 20-10-2010 - 18:00 | |
| CVE-2010-4159 | 6.9 |
Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory. Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426
|
09-12-2010 - 08:36 | 17-11-2010 - 16:00 | |
| CVE-2010-1459 | 4.3 |
The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/
|
09-09-2010 - 05:41 | 27-05-2010 - 19:00 |