certfr_avis - certa-2011-avi-369

Vendor	Product	Description
N/A	N/A	Mac OS X 10.5.8 ;
N/A	N/A	Mac OS X Server 10.6.x.
N/A	N/A	Mac OS X Server 10.5.8 ;
N/A	N/A	Mac OS X 10.6.x ;

CVE-2010-0740 (GCVE-0-2010-0740)

Vulnerability from cvelistv5

Published

2010-03-26 18:00

Modified

2024-08-07 00:59

Severity ?

CWE

n/a

Summary

The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.

References

URL

Tags

	http://secunia.com/advisories/42724	third-party-advisory, x_refsource_SECUNIA
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=127557640302499&w=2	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.openssl.org/news/secadv_20100324.txt	x_refsource_CONFIRM
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2010/0710	vdb-entry, x_refsource_VUPEN
	http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/0839	vdb-entry, x_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=127557640302499&w=2	vendor-advisory, x_refsource_HP
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:076	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=127128920008563&w=2	vendor-advisory, x_refsource_HP
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html	mailing-list, x_refsource_MLIST
	http://www.securitytracker.com/id?1023748	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/39932	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0933	vdb-entry, x_refsource_VUPEN
	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=127128920008563&w=2	vendor-advisory, x_refsource_HP
	https://kb.bluecoat.com/index?page=content&id=SA50	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731	vdb-entry, signature, x_refsource_OVAL
	http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/43311	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/1216	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42733	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html	vendor-advisory, x_refsource_FEDORA
	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T00:59:39.011Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "42724",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42724"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "HPSBUX02531",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20100324.txt"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
          },
          {
            "name": "ADV-2010-0710",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0710"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
          },
          {
            "name": "ADV-2010-0839",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0839"
          },
          {
            "name": "SSRT100108",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
          },
          {
            "name": "MDVSA-2010:076",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
          },
          {
            "name": "HPSBUX02517",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
          },
          {
            "name": "1023748",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1023748"
          },
          {
            "name": "39932",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39932"
          },
          {
            "name": "ADV-2010-0933",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0933"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "SSRT100058",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
          },
          {
            "name": "oval:org.mitre.oval:def:11731",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "name": "43311",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43311"
          },
          {
            "name": "ADV-2010-1216",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1216"
          },
          {
            "name": "42733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42733"
          },
          {
            "name": "FEDORA-2010-5744",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-03-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attackers to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number.  NOTE: some of these details are obtained from third party information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "42724",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42724"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "HPSBUX02531",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20100324.txt"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
        },
        {
          "name": "ADV-2010-0710",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0710"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html"
        },
        {
          "name": "ADV-2010-0839",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0839"
        },
        {
          "name": "SSRT100108",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127557640302499\u0026w=2"
        },
        {
          "name": "MDVSA-2010:076",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
        },
        {
          "name": "HPSBUX02517",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
        },
        {
          "name": "1023748",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1023748"
        },
        {
          "name": "39932",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39932"
        },
        {
          "name": "ADV-2010-0933",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0933"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
        },
        {
          "name": "SSRT100058",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
        },
        {
          "name": "oval:org.mitre.oval:def:11731",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11731"
        },
        {
          "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
        },
        {
          "name": "43311",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43311"
        },
        {
          "name": "ADV-2010-1216",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1216"
        },
        {
          "name": "42733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42733"
        },
        {
          "name": "FEDORA-2010-5744",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-0740",
    "datePublished": "2010-03-26T18:00:00",
    "dateReserved": "2010-02-26T00:00:00",
    "dateUpdated": "2024-08-07T00:59:39.011Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0206 (GCVE-0-2011-0206)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/68217	vdb-entry, x_refsource_XF
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "macos-icu-bo(68217)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68217"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "macos-icu-bo(68217)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68217"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0206",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in International Components for Unicode (ICU) in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving uppercase strings."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "macos-icu-bo(68217)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68217"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0206",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0195 (GCVE-0-2011-0195)

Vulnerability from cvelistv5

Published

2011-04-15 19:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site. NOTE: this may overlap CVE-2011-1202.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securitytracker.com/id?1025365	vdb-entry, x_refsource_SECTRACK
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "1025365",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025365"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-04-14-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-04-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site.  NOTE: this may overlap CVE-2011-1202."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-04-21T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "1025365",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025365"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-04-14-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0195",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The generate-id XPath function in libxslt in Apple iOS 4.3.x before 4.3.2 allows remote attackers to obtain potentially sensitive information about heap memory addresses via a crafted web site.  NOTE: this may overlap CVE-2011-1202."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "1025365",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1025365"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-04-14-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Apr/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0195",
    "datePublished": "2011-04-15T19:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0204 (GCVE-0-2011-0204)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4981	x_refsource_CONFIRM
	http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html	mailing-list, x_refsource_BUGTRAQ
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://osvdb.org/73368	vdb-entry, x_refsource_OSVDB

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4981"
          },
          {
            "name": "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
          },
          {
            "name": "APPLE-SA-2011-10-11-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          },
          {
            "name": "73368",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/73368"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-23T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4981"
        },
        {
          "name": "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
        },
        {
          "name": "APPLE-SA-2011-10-11-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        },
        {
          "name": "73368",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/73368"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0204",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "http://support.apple.com/kb/HT4981",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4981"
            },
            {
              "name": "20110628 NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2011-07/0034.html"
            },
            {
              "name": "APPLE-SA-2011-10-11-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            },
            {
              "name": "73368",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/73368"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0204",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3069 (GCVE-0-2010-3069)

Vulnerability from cvelistv5

Published

2010-09-15 17:26

Modified

2024-08-07 02:55

Severity ?

CWE

n/a

Summary

Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share.

References

URL

Tags

	http://marc.info/?l=bugtraq&m=130835366526620&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/42885	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/2378	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html	vendor-advisory, x_refsource_FEDORA
	http://us1.samba.org/samba/security/CVE-2010-3069.html	x_refsource_CONFIRM
	http://secunia.com/advisories/41354	third-party-advisory, x_refsource_SECUNIA
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://marc.info/?l=bugtraq&m=130835366526620&w=2	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html	vendor-advisory, x_refsource_APPLE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/61773	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/archive/1/515055/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.ubuntu.com/usn/USN-987-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id?1024434	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/41447	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/42531	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/3126	vdb-entry, x_refsource_VUPEN
	http://us1.samba.org/samba/history/samba-3.5.5.html	x_refsource_CONFIRM
	http://www.vmware.com/security/advisories/VMSA-2010-0019.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/43212	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0091	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2010-0860.html	vendor-advisory, x_refsource_REDHAT
	http://support.apple.com/kb/HT4581	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:55:46.813Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX02657",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
          },
          {
            "name": "42885",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42885"
          },
          {
            "name": "ADV-2010-2378",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2378"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "FEDORA-2010-14678",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us1.samba.org/samba/security/CVE-2010-3069.html"
          },
          {
            "name": "41354",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41354"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "SSRT100460",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
          },
          {
            "name": "APPLE-SA-2011-03-21-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
          },
          {
            "name": "samba-sidparse-bo(61773)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61773"
          },
          {
            "name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
          },
          {
            "name": "USN-987-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-987-1"
          },
          {
            "name": "1024434",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024434"
          },
          {
            "name": "41447",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/41447"
          },
          {
            "name": "FEDORA-2010-14627",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html"
          },
          {
            "name": "42531",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42531"
          },
          {
            "name": "ADV-2010-3126",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3126"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://us1.samba.org/samba/history/samba-3.5.5.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
          },
          {
            "name": "SUSE-SR:2010:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
          },
          {
            "name": "43212",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43212"
          },
          {
            "name": "ADV-2011-0091",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0091"
          },
          {
            "name": "FEDORA-2010-14768",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html"
          },
          {
            "name": "SUSE-SR:2010:018",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
          },
          {
            "name": "RHSA-2010:0860",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0860.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4581"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "HPSBUX02657",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
        },
        {
          "name": "42885",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42885"
        },
        {
          "name": "ADV-2010-2378",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2378"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "FEDORA-2010-14678",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047697.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us1.samba.org/samba/security/CVE-2010-3069.html"
        },
        {
          "name": "41354",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41354"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "SSRT100460",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
        },
        {
          "name": "APPLE-SA-2011-03-21-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html"
        },
        {
          "name": "samba-sidparse-bo(61773)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/61773"
        },
        {
          "name": "20101207 VMSA-2010-0019 VMware ESX third party updates for Service Console",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/515055/100/0/threaded"
        },
        {
          "name": "USN-987-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-987-1"
        },
        {
          "name": "1024434",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024434"
        },
        {
          "name": "41447",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/41447"
        },
        {
          "name": "FEDORA-2010-14627",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047650.html"
        },
        {
          "name": "42531",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42531"
        },
        {
          "name": "ADV-2010-3126",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3126"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://us1.samba.org/samba/history/samba-3.5.5.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2010-0019.html"
        },
        {
          "name": "SUSE-SR:2010:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
        },
        {
          "name": "43212",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43212"
        },
        {
          "name": "ADV-2011-0091",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0091"
        },
        {
          "name": "FEDORA-2010-14768",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047758.html"
        },
        {
          "name": "SUSE-SR:2010:018",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00000.html"
        },
        {
          "name": "RHSA-2010:0860",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0860.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4581"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3069",
    "datePublished": "2010-09-15T17:26:00",
    "dateReserved": "2010-08-20T00:00:00",
    "dateUpdated": "2024-08-07T02:55:46.813Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3834 (GCVE-0-2010-3834)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to "materializing a derived table that required a temporary table for grouping" and "user variable assignments."

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64844	vdb-entry, x_refsource_XF
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=640808	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://bugs.mysql.com/bug.php?id=55568	x_refsource_MISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.223Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "name": "mysql-derived-table-dos(64844)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64844"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640808"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=55568"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to \"materializing a derived table that required a temporary table for grouping\" and \"user variable assignments.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "name": "mysql-derived-table-dos(64844)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64844"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640808"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=55568"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3834",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via vectors related to \"materializing a derived table that required a temporary table for grouping\" and \"user variable assignments.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "mysql-derived-table-dos(64844)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64844"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640808",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640808"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=55568",
              "refsource": "MISC",
              "url": "http://bugs.mysql.com/bug.php?id=55568"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3834",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.223Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3790 (GCVE-0-2010-3790)

Vulnerability from cvelistv5

Published

2010-11-16 21:00

Modified

2024-08-07 03:18

Severity ?

CWE

n/a

Summary

QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary.

References

URL

Tags

	http://www.zerodayinitiative.com/advisories/ZDI-11-038/	x_refsource_MISC
	http://support.apple.com/kb/HT4435	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://www.securitytracker.com/id?1024729	vdb-entry, x_refsource_SECTRACK
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4447	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/44794	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.222Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4435"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "1024729",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024729"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2010-12-07-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
          },
          {
            "name": "APPLE-SA-2010-11-10-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4447"
          },
          {
            "name": "44794",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/44794"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-11-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-12-10T10:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4435"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "1024729",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024729"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2010-12-07-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
        },
        {
          "name": "APPLE-SA-2010-11-10-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4447"
        },
        {
          "name": "44794",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/44794"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2010-3790",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file that causes an image sample transformation to scale a sprite outside a buffer boundary."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-11-038/"
            },
            {
              "name": "http://support.apple.com/kb/HT4435",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4435"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "1024729",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024729"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2010-12-07-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Dec/msg00000.html"
            },
            {
              "name": "APPLE-SA-2010-11-10-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4447",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4447"
            },
            {
              "name": "44794",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/44794"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2010-3790",
    "datePublished": "2010-11-16T21:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:18:53.222Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0197 (GCVE-0-2011-0197)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user's AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48443	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48443",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48443"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user\u0027s AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48443",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48443"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0197",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "App Store in Apple Mac OS X before 10.6.8 creates a log entry containing a user\u0027s AppleID password, which might allow local users to obtain sensitive information by reading a log file, as demonstrated by a log file that has non-default permissions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48443",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48443"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0197",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4180 (GCVE-0-2010-4180)

Vulnerability from cvelistv5

Published

2010-12-06 21:00

Modified

2024-08-07 03:34

Severity ?

CWE

n/a

Summary

OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id?1024822	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/42473	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/42571	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43170	third-party-advisory, x_refsource_SECUNIA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668471	vendor-advisory, x_refsource_SLACKWARE
	http://www.vupen.com/english/advisories/2011/0268	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html	vendor-advisory, x_refsource_SUSE
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/42493	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43173	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2011/0032	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/43171	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/42620	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/522176	vendor-advisory, x_refsource_HP
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://ubuntu.com/usn/usn-1029-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2010/3120	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html	vendor-advisory, x_refsource_FEDORA
	http://www.vupen.com/english/advisories/2010/3122	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43169	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43172	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=132077688910227&w=2	vendor-advisory, x_refsource_HP
	http://www.securityfocus.com/bid/45164	vdb-entry, x_refsource_BID
	http://osvdb.org/69565	vdb-entry, x_refsource_OSVDB
	https://bugzilla.redhat.com/show_bug.cgi?id=659462	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/737740	third-party-advisory, x_refsource_CERT-VN
	http://secunia.com/advisories/42469	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/522176	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/42877	third-party-advisory, x_refsource_SECUNIA
	http://cvs.openssl.org/chngview?cn=20131	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0977.html	vendor-advisory, x_refsource_REDHAT
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2010/3134	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2010/3188	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=129916880600544&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0076	vdb-entry, x_refsource_VUPEN
	http://openssl.org/news/secadv_20101202.txt	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0978.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/44269	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2011-0896.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2011/dsa-2141	vendor-advisory, x_refsource_DEBIAN
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=132077688910227&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=129916880600544&w=2	vendor-advisory, x_refsource_HP
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:248	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2010-0979.html	vendor-advisory, x_refsource_REDHAT
	https://kb.bluecoat.com/index?page=content&id=SA53&actp=LIST	x_refsource_CONFIRM
	http://secunia.com/advisories/42811	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:34:37.524Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SR:2011:001",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
          },
          {
            "name": "1024822",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024822"
          },
          {
            "name": "42473",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42473"
          },
          {
            "name": "42571",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42571"
          },
          {
            "name": "43170",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43170"
          },
          {
            "name": "SSA:2010-340-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668471"
          },
          {
            "name": "ADV-2011-0268",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0268"
          },
          {
            "name": "SUSE-SR:2011:009",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "SUSE-SU-2011:0847",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
          },
          {
            "name": "42493",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42493"
          },
          {
            "name": "43173",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43173"
          },
          {
            "name": "FEDORA-2010-18765",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"
          },
          {
            "name": "ADV-2011-0032",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0032"
          },
          {
            "name": "openSUSE-SU-2011:0845",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
          },
          {
            "name": "43171",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43171"
          },
          {
            "name": "42620",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42620"
          },
          {
            "name": "SSRT100817",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/522176"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "USN-1029-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://ubuntu.com/usn/usn-1029-1"
          },
          {
            "name": "ADV-2010-3120",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3120"
          },
          {
            "name": "FEDORA-2010-18736",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"
          },
          {
            "name": "ADV-2010-3122",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3122"
          },
          {
            "name": "43169",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43169"
          },
          {
            "name": "43172",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43172"
          },
          {
            "name": "HPSBHF02706",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
          },
          {
            "name": "45164",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45164"
          },
          {
            "name": "69565",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/69565"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462"
          },
          {
            "name": "VU#737740",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/737740"
          },
          {
            "name": "42469",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42469"
          },
          {
            "name": "HPSBMU02759",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/522176"
          },
          {
            "name": "SSRT100475",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "42877",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42877"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://cvs.openssl.org/chngview?cn=20131"
          },
          {
            "name": "RHSA-2010:0977",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
          },
          {
            "name": "HPSBMA02658",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "SSRT100413",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "ADV-2010-3134",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3134"
          },
          {
            "name": "ADV-2010-3188",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3188"
          },
          {
            "name": "oval:org.mitre.oval:def:18910",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"
          },
          {
            "name": "HPSBUX02638",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
          },
          {
            "name": "ADV-2011-0076",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0076"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://openssl.org/news/secadv_20101202.txt"
          },
          {
            "name": "RHSA-2010:0978",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html"
          },
          {
            "name": "44269",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44269"
          },
          {
            "name": "RHSA-2011:0896",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
          },
          {
            "name": "DSA-2141",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2141"
          },
          {
            "name": "HPSBOV02670",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "SSRT100613",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
          },
          {
            "name": "SSRT100339",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
          },
          {
            "name": "MDVSA-2010:248",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"
          },
          {
            "name": "RHSA-2010:0979",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA53\u0026actp=LIST"
          },
          {
            "name": "42811",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42811"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-12-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the downgrade to an unintended cipher via vectors involving sniffing network traffic to discover a session identifier."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SR:2011:001",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html"
        },
        {
          "name": "1024822",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024822"
        },
        {
          "name": "42473",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42473"
        },
        {
          "name": "42571",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42571"
        },
        {
          "name": "43170",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43170"
        },
        {
          "name": "SSA:2010-340-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668471"
        },
        {
          "name": "ADV-2011-0268",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0268"
        },
        {
          "name": "SUSE-SR:2011:009",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "SUSE-SU-2011:0847",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html"
        },
        {
          "name": "42493",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42493"
        },
        {
          "name": "43173",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43173"
        },
        {
          "name": "FEDORA-2010-18765",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052027.html"
        },
        {
          "name": "ADV-2011-0032",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0032"
        },
        {
          "name": "openSUSE-SU-2011:0845",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html"
        },
        {
          "name": "43171",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43171"
        },
        {
          "name": "42620",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42620"
        },
        {
          "name": "SSRT100817",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/522176"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "USN-1029-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://ubuntu.com/usn/usn-1029-1"
        },
        {
          "name": "ADV-2010-3120",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3120"
        },
        {
          "name": "FEDORA-2010-18736",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052315.html"
        },
        {
          "name": "ADV-2010-3122",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3122"
        },
        {
          "name": "43169",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43169"
        },
        {
          "name": "43172",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43172"
        },
        {
          "name": "HPSBHF02706",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
        },
        {
          "name": "45164",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45164"
        },
        {
          "name": "69565",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/69565"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=659462"
        },
        {
          "name": "VU#737740",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/737740"
        },
        {
          "name": "42469",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42469"
        },
        {
          "name": "HPSBMU02759",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://www.securityfocus.com/archive/1/522176"
        },
        {
          "name": "SSRT100475",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "42877",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42877"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://cvs.openssl.org/chngview?cn=20131"
        },
        {
          "name": "RHSA-2010:0977",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
        },
        {
          "name": "HPSBMA02658",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "SSRT100413",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "ADV-2010-3134",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3134"
        },
        {
          "name": "ADV-2010-3188",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3188"
        },
        {
          "name": "oval:org.mitre.oval:def:18910",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18910"
        },
        {
          "name": "HPSBUX02638",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
        },
        {
          "name": "ADV-2011-0076",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0076"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://openssl.org/news/secadv_20101202.txt"
        },
        {
          "name": "RHSA-2010:0978",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0978.html"
        },
        {
          "name": "44269",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44269"
        },
        {
          "name": "RHSA-2011:0896",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
        },
        {
          "name": "DSA-2141",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2141"
        },
        {
          "name": "HPSBOV02670",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "SSRT100613",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132077688910227\u0026w=2"
        },
        {
          "name": "SSRT100339",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
        },
        {
          "name": "MDVSA-2010:248",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:248"
        },
        {
          "name": "RHSA-2010:0979",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0979.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA53\u0026actp=LIST"
        },
        {
          "name": "42811",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42811"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4180",
    "datePublished": "2010-12-06T21:00:00",
    "dateReserved": "2010-11-04T00:00:00",
    "dateUpdated": "2024-08-07T03:34:37.524Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-2632 (GCVE-0-2010-2632)

Vulnerability from cvelistv5

Published

2011-01-19 15:00

Modified

2024-08-07 02:39

Severity ?

CWE

n/a

Summary

Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames.

References

URL

Tags

	http://secunia.com/advisories/55212	third-party-advisory, x_refsource_SECUNIA
	http://securityreason.com/achievement_securityalert/89	third-party-advisory, x_refsource_SREASONRES
	http://secunia.com/advisories/43433	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64798	vdb-entry, x_refsource_XF
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10598	x_refsource_CONFIRM
	http://secunia.com/advisories/42984	third-party-advisory, x_refsource_SECUNIA
	https://support.avaya.com/css/P8/documents/100127892	x_refsource_CONFIRM
	http://securityreason.com/achievement_securityalert/97	third-party-advisory, x_refsource_SREASONRES
	http://www.securitytracker.com/id?1024975	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2011/0151	vdb-entry, x_refsource_VUPEN
	http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:39:37.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "55212",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/55212"
          },
          {
            "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASONRES",
              "x_transferred"
            ],
            "url": "http://securityreason.com/achievement_securityalert/89"
          },
          {
            "name": "43433",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43433"
          },
          {
            "name": "solaris-ftp-dos(64798)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64798"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10598"
          },
          {
            "name": "42984",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42984"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.avaya.com/css/P8/documents/100127892"
          },
          {
            "name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASONRES",
              "x_transferred"
            ],
            "url": "http://securityreason.com/achievement_securityalert/97"
          },
          {
            "name": "1024975",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024975"
          },
          {
            "name": "ADV-2011-0151",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0151"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-01-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "55212",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/55212"
        },
        {
          "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASONRES"
          ],
          "url": "http://securityreason.com/achievement_securityalert/89"
        },
        {
          "name": "43433",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43433"
        },
        {
          "name": "solaris-ftp-dos(64798)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64798"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10598"
        },
        {
          "name": "42984",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42984"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.avaya.com/css/P8/documents/100127892"
        },
        {
          "name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASONRES"
          ],
          "url": "http://securityreason.com/achievement_securityalert/97"
        },
        {
          "name": "1024975",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024975"
        },
        {
          "name": "ADV-2011-0151",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0151"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-2632",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote attackers to affect availability. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable researcher that this is an issue in the glob implementation in libc that allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "55212",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/55212"
            },
            {
              "name": "20101007 Multiple Vendors libc/glob(3) resource exhaustion (+0day remote ftpd-anon)",
              "refsource": "SREASONRES",
              "url": "http://securityreason.com/achievement_securityalert/89"
            },
            {
              "name": "43433",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/43433"
            },
            {
              "name": "solaris-ftp-dos(64798)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64798"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10598",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10598"
            },
            {
              "name": "42984",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42984"
            },
            {
              "name": "https://support.avaya.com/css/P8/documents/100127892",
              "refsource": "CONFIRM",
              "url": "https://support.avaya.com/css/P8/documents/100127892"
            },
            {
              "name": "20110502 Multiple Vendors libc/glob(3) GLOB_BRACE|GLOB_LIMIT memory exhaustion",
              "refsource": "SREASONRES",
              "url": "http://securityreason.com/achievement_securityalert/97"
            },
            {
              "name": "1024975",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024975"
            },
            {
              "name": "ADV-2011-0151",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0151"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-2632",
    "datePublished": "2011-01-19T15:00:00",
    "dateReserved": "2010-07-06T00:00:00",
    "dateUpdated": "2024-08-07T02:39:37.480Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0198 (GCVE-0-2011-0198)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48436	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.369Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48436",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48436"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48436",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48436"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0198",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code via a crafted embedded TrueType font."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48436",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48436"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0198",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.369Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0207 (GCVE-0-2011-0207)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48444	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.262Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48444",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48444"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48444",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48444"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0207",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The MobileMe component in Apple Mac OS X before 10.6.8 uses a cleartext HTTP session for the Mail application to read e-mail aliases, which allows remote attackers to obtain potentially sensitive alias information by sniffing the network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48444",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48444"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0207",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.262Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0715 (GCVE-0-2011-0715)

Vulnerability from cvelistv5

Published

2011-03-11 22:00

Modified

2024-08-06 22:05

Severity ?

CWE

n/a

Summary

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.

References

URL

Tags

	http://securitytracker.com/id?1025161	vdb-entry, x_refsource_SECTRACK
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:067	vendor-advisory, x_refsource_MANDRIVA
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1096-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2011/0567	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43583	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/46734	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html	vendor-advisory, x_refsource_FEDORA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967	vdb-entry, signature, x_refsource_OVAL
	http://www.vupen.com/english/advisories/2011/0568	vdb-entry, x_refsource_VUPEN
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.479953	vendor-advisory, x_refsource_SLACKWARE
	http://www.debian.org/security/2011/dsa-2181	vendor-advisory, x_refsource_DEBIAN
	https://rhn.redhat.com/errata/RHSA-2011-0327.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.vupen.com/english/advisories/2011/0776	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0660	vdb-entry, x_refsource_VUPEN
	http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html	vendor-advisory, x_refsource_FEDORA
	http://subversion.apache.org/security/CVE-2011-0715-advisory.txt	x_refsource_CONFIRM
	https://rhn.redhat.com/errata/RHSA-2011-0328.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0684	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/65876	vdb-entry, x_refsource_XF
	https://bugzilla.redhat.com/show_bug.cgi?id=680755	x_refsource_CONFIRM
	http://svn.haxx.se/dev/archive-2011-03/0122.shtml	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/43794	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0885	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0624	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43603	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43672	third-party-advisory, x_refsource_SECUNIA
	http://svn.apache.org/viewvc?view=revision&revision=1071239	x_refsource_CONFIRM
	http://svn.apache.org/viewvc?view=revision&revision=1071307	x_refsource_CONFIRM
	http://www.osvdb.org/70964	vdb-entry, x_refsource_OSVDB

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:05:52.860Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1025161",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1025161"
          },
          {
            "name": "MDVSA-2011:067",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:067"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "USN-1096-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1096-1"
          },
          {
            "name": "ADV-2011-0567",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0567"
          },
          {
            "name": "43583",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43583"
          },
          {
            "name": "46734",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46734"
          },
          {
            "name": "FEDORA-2011-2657",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html"
          },
          {
            "name": "oval:org.mitre.oval:def:18967",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967"
          },
          {
            "name": "ADV-2011-0568",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0568"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "SSA:2011-070-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.479953"
          },
          {
            "name": "DSA-2181",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2181"
          },
          {
            "name": "RHSA-2011:0327",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0327.html"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "ADV-2011-0776",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0776"
          },
          {
            "name": "ADV-2011-0660",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0660"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES"
          },
          {
            "name": "FEDORA-2011-2698",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html"
          },
          {
            "name": "FEDORA-2011-3775",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://subversion.apache.org/security/CVE-2011-0715-advisory.txt"
          },
          {
            "name": "RHSA-2011:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2011-0328.html"
          },
          {
            "name": "ADV-2011-0684",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0684"
          },
          {
            "name": "subversion-moddavsvn-dos(65876)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65876"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680755"
          },
          {
            "name": "[dev] 20110303 Subversion 1.6.16 Released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://svn.haxx.se/dev/archive-2011-03/0122.shtml"
          },
          {
            "name": "43794",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43794"
          },
          {
            "name": "ADV-2011-0885",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0885"
          },
          {
            "name": "ADV-2011-0624",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0624"
          },
          {
            "name": "43603",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43603"
          },
          {
            "name": "43672",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43672"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1071239"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1071307"
          },
          {
            "name": "70964",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/70964"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-03-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "1025161",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1025161"
        },
        {
          "name": "MDVSA-2011:067",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:067"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "USN-1096-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1096-1"
        },
        {
          "name": "ADV-2011-0567",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0567"
        },
        {
          "name": "43583",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43583"
        },
        {
          "name": "46734",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46734"
        },
        {
          "name": "FEDORA-2011-2657",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056071.html"
        },
        {
          "name": "oval:org.mitre.oval:def:18967",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18967"
        },
        {
          "name": "ADV-2011-0568",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0568"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "SSA:2011-070-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.479953"
        },
        {
          "name": "DSA-2181",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2181"
        },
        {
          "name": "RHSA-2011:0327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2011-0327.html"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "ADV-2011-0776",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0776"
        },
        {
          "name": "ADV-2011-0660",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0660"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/repos/asf/subversion/tags/1.6.16/CHANGES"
        },
        {
          "name": "FEDORA-2011-2698",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056072.html"
        },
        {
          "name": "FEDORA-2011-3775",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056736.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://subversion.apache.org/security/CVE-2011-0715-advisory.txt"
        },
        {
          "name": "RHSA-2011:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2011-0328.html"
        },
        {
          "name": "ADV-2011-0684",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0684"
        },
        {
          "name": "subversion-moddavsvn-dos(65876)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65876"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=680755"
        },
        {
          "name": "[dev] 20110303 Subversion 1.6.16 Released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://svn.haxx.se/dev/archive-2011-03/0122.shtml"
        },
        {
          "name": "43794",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43794"
        },
        {
          "name": "ADV-2011-0885",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0885"
        },
        {
          "name": "ADV-2011-0624",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0624"
        },
        {
          "name": "43603",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43603"
        },
        {
          "name": "43672",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43672"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1071239"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc?view=revision\u0026revision=1071307"
        },
        {
          "name": "70964",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/70964"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0715",
    "datePublished": "2011-03-11T22:00:00",
    "dateReserved": "2011-01-31T00:00:00",
    "dateUpdated": "2024-08-06T22:05:52.860Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3682 (GCVE-0-2010-3682)

Vulnerability from cvelistv5

Published

2011-01-11 19:00

Modified

2024-08-07 03:18

Severity ?

CWE

n/a

Summary

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:012	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0133	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64684	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/42599	vdb-entry, x_refsource_BID
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:155	vendor-advisory, x_refsource_MANDRIVA
	http://bugs.mysql.com/bug.php?id=52711	x_refsource_CONFIRM
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=628328	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2010/09/28/10	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:52.644Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "MDVSA-2011:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "name": "ADV-2011-0133",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "mysql-itemsinglerowsubselect-dos(64684)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64684"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "42599",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/42599"
          },
          {
            "name": "MDVSA-2010:155",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=52711"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628328"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "name": "SUSE-SR:2010:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
          },
          {
            "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-07-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted \"SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)\" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "MDVSA-2011:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "name": "ADV-2011-0133",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "mysql-itemsinglerowsubselect-dos(64684)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64684"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "42599",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/42599"
        },
        {
          "name": "MDVSA-2010:155",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=52711"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628328"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "name": "SUSE-SR:2010:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
        },
        {
          "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3682",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted \"SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...)\" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "MDVSA-2011:012",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "ADV-2011-0133",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0133"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "mysql-itemsinglerowsubselect-dos(64684)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64684"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "42599",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/42599"
            },
            {
              "name": "MDVSA-2010:155",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=52711",
              "refsource": "CONFIRM",
              "url": "http://bugs.mysql.com/bug.php?id=52711"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=628328",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628328"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "SUSE-SR:2010:019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
            },
            {
              "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3682",
    "datePublished": "2011-01-11T19:00:00",
    "dateReserved": "2010-09-28T00:00:00",
    "dateUpdated": "2024-08-07T03:18:52.644Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3833 (GCVE-0-2010-3833)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a "CREATE TABLE ... SELECT."

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=640751	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64845	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://bugs.mysql.com/bug.php?id=55826	x_refsource_MISC
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:12.217Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640751"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "name": "mysql-extremevalue-dos(64845)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64845"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=55826"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a \"CREATE TABLE ... SELECT.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640751"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "name": "mysql-extremevalue-dos(64845)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64845"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=55826"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3833",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type errors, which allows remote attackers to cause a denial of service (server crash) via crafted arguments to extreme-value functions such as (1) LEAST and (2) GREATEST, related to KILL_BAD_DATA and a \"CREATE TABLE ... SELECT.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640751",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640751"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "mysql-extremevalue-dos(64845)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64845"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=55826",
              "refsource": "MISC",
              "url": "http://bugs.mysql.com/bug.php?id=55826"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3833",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:12.217Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3677 (GCVE-0-2010-3677)

Vulnerability from cvelistv5

Published

2011-01-11 19:00

Modified

2024-08-07 03:18

Severity ?

CWE

n/a

Summary

Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column.

References

URL

Tags

	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:012	vendor-advisory, x_refsource_MANDRIVA
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64688	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0133	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=628040	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/42646	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:155	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	http://bugs.mysql.com/bug.php?id=54575	x_refsource_MISC
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2010/09/28/10	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:51.984Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "MDVSA-2011:012",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "mysql-setcolumn-dos(64688)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64688"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "name": "ADV-2011-0133",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0133"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628040"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
          },
          {
            "name": "42646",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/42646"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "MDVSA-2010:155",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=54575"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "name": "SUSE-SR:2010:019",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
          },
          {
            "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-07-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "MDVSA-2011:012",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "mysql-setcolumn-dos(64688)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64688"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "name": "ADV-2011-0133",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0133"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628040"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
        },
        {
          "name": "42646",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/42646"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "MDVSA-2010:155",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=54575"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "name": "SUSE-SR:2010:019",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
        },
        {
          "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3677",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "MDVSA-2011:012",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:012"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "mysql-setcolumn-dos(64688)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64688"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "ADV-2011-0133",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0133"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=628040",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=628040"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html"
            },
            {
              "name": "42646",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/42646"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "MDVSA-2010:155",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:155"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=54575",
              "refsource": "MISC",
              "url": "http://bugs.mysql.com/bug.php?id=54575"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "SUSE-SR:2010:019",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html"
            },
            {
              "name": "[oss-security] 20100928 Re: CVE Request -- MySQL v5.1.49 -- multiple DoS  flaws",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2010/09/28/10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3677",
    "datePublished": "2011-01-11T19:00:00",
    "dateReserved": "2010-09-28T00:00:00",
    "dateUpdated": "2024-08-07T03:18:51.984Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0203 (GCVE-0-2011-0203)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/48418	vdb-entry, x_refsource_BID
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.379Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "48418",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48418"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "48418",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48418"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0203",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Absolute path traversal vulnerability in xftpd in the FTP Server component in Apple Mac OS X before 10.6.8 allows remote attackers to list arbitrary directories by using the root directory as the starting point of a recursive listing."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "48418",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48418"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0203",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.379Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3836 (GCVE-0-2010-3836)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers.

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=640845	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64842	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	http://bugs.mysql.com/bug.php?id=54568	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:11.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640845"
          },
          {
            "name": "mysql-view-preparation-dos(64842)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64842"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=54568"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640845"
        },
        {
          "name": "mysql-view-preparation-dos(64842)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64842"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=54568"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3836",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (assertion failure and server crash) via vectors related to view preparation, pre-evaluation of LIKE predicates, and IN Optimizers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640845",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640845"
            },
            {
              "name": "mysql-view-preparation-dos(64842)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64842"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=54568",
              "refsource": "CONFIRM",
              "url": "http://bugs.mysql.com/bug.php?id=54568"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3836",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:11.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0199 (GCVE-0-2011-0199)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2025-01-21 18:01

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE

n/a

Summary

The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48447	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.466Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48447",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48447"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.9,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2011-0199",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-09T19:41:50.177264Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-295",
                "description": "CWE-295 Improper Certificate Validation",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-21T18:01:55.874Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48447",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48447"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0199",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Certificate Trust Policy component in Apple Mac OS X before 10.6.8 does not perform CRL checking for Extended Validation (EV) certificates that lack OCSP URLs, which might allow man-in-the-middle attackers to spoof an SSL server via a revoked certificate."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48447",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48447"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0199",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2025-01-21T18:01:55.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0200 (GCVE-0-2011-0200)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://support.apple.com/kb/HT5130	x_refsource_CONFIRM
	http://support.apple.com/kb/HT4981	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5130"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4981"
          },
          {
            "name": "APPLE-SA-2011-10-11-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2012-02-01-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-23T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5130"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4981"
        },
        {
          "name": "APPLE-SA-2011-10-11-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2012-02-01-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0200",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in ColorSync in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image containing a crafted embedded ColorSync profile that triggers a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "http://support.apple.com/kb/HT5130",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5130"
            },
            {
              "name": "http://support.apple.com/kb/HT4981",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4981"
            },
            {
              "name": "APPLE-SA-2011-10-11-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2012-02-01-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0200",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0208 (GCVE-0-2011-0208)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.397Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-18T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0208",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "QuickLook in Apple Mac OS X 10.6 before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Microsoft Office document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0208",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.397Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0212 (GCVE-0-2011-0212)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48445	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.296Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48445",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48445"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48445",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48445"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0212",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "servermgrd in Apple Mac OS X before 10.6.8 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (CPU and memory consumption), via an XML-RPC request containing an entity declaration in conjunction with an entity reference, related to an XML External Entity (aka XXE) issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48445",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48445"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0212",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.296Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3838 (GCVE-0-2010-3838)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function's result is "processed using an intermediate temporary table."

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64840	vdb-entry, x_refsource_XF
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	https://bugzilla.redhat.com/show_bug.cgi?id=640858	x_refsource_CONFIRM
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	http://bugs.mysql.com/bug.php?id=54461	x_refsource_MISC
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:11.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "name": "mysql-longblob-dos(64840)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64840"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640858"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=54461"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function\u0027s result is \"processed using an intermediate temporary table.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "name": "mysql-longblob-dos(64840)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64840"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640858"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=54461"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3838",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a query that uses the (1) GREATEST or (2) LEAST function with a mixed list of numeric and LONGBLOB arguments, which is not properly handled when the function\u0027s result is \"processed using an intermediate temporary table.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "mysql-longblob-dos(64840)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64840"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640858",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640858"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=54461",
              "refsource": "MISC",
              "url": "http://bugs.mysql.com/bug.php?id=54461"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3838",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:11.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0213 (GCVE-0-2011-0213)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-08-03-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-08-11T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-08-03-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0213",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-08-03-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0213",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0196 (GCVE-0-2011-0196)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-09-16 18:33

Severity ?

CWE

n/a

Summary

AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.513Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-06-24T20:00:00Z",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0196",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "AirPort in Apple Mac OS X 10.5.8 allows remote attackers to cause a denial of service (out-of-bounds read and reboot) via Wi-Fi frames on the local wireless network."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0196",
    "datePublished": "2011-06-24T20:00:00Z",
    "dateReserved": "2010-12-23T00:00:00Z",
    "dateUpdated": "2024-09-16T18:33:34.851Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0210 (GCVE-0-2011-0210)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48442	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.275Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-08-03-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
          },
          {
            "name": "48442",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48442"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-08-11T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-08-03-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
        },
        {
          "name": "48442",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48442"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0210",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-08-03-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
            },
            {
              "name": "48442",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48442"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0210",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0202 (GCVE-0-2011-0202)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-23T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0202",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in CoreGraphics in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded Type 1 font in a PDF document."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0202",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0719 (GCVE-0-2011-0719)

Vulnerability from cvelistv5

Published

2011-03-01 22:00

Modified

2024-08-06 22:05

Severity ?

CWE

n/a

Summary

Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd.

References

URL

Tags

	http://marc.info/?l=bugtraq&m=130835366526620&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0522	vdb-entry, x_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.593629	vendor-advisory, x_refsource_SLACKWARE
	http://www.securitytracker.com/id?1025132	vdb-entry, x_refsource_SECTRACK
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=678328	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2011-0306.html	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2011/dsa-2175	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/46597	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0541	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0517	vdb-entry, x_refsource_VUPEN
	http://www.vupen.com/english/advisories/2011/0702	vdb-entry, x_refsource_VUPEN
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.samba.org/samba/history/samba-3.4.12.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=130835366526620&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0518	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056241.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/43517	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43557	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43556	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43512	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1075-1	vendor-advisory, x_refsource_UBUNTU
	http://www.vupen.com/english/advisories/2011/0519	vdb-entry, x_refsource_VUPEN
	http://samba.org/samba/security/CVE-2011-0719.html	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0520	vdb-entry, x_refsource_VUPEN
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056229.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/43503	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/65724	vdb-entry, x_refsource_XF
	http://www.redhat.com/support/errata/RHSA-2011-0305.html	vendor-advisory, x_refsource_REDHAT
	http://www.samba.org/samba/history/samba-3.5.7.html	x_refsource_CONFIRM
	http://secunia.com/advisories/43482	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43843	third-party-advisory, x_refsource_SECUNIA
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:038	vendor-advisory, x_refsource_MANDRIVA
	http://www.samba.org/samba/history/samba-3.3.15.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:05:52.974Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX02657",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
          },
          {
            "name": "ADV-2011-0522",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0522"
          },
          {
            "name": "SSA:2011-059-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.593629"
          },
          {
            "name": "1025132",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025132"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678328"
          },
          {
            "name": "RHSA-2011:0306",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0306.html"
          },
          {
            "name": "DSA-2175",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2175"
          },
          {
            "name": "46597",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46597"
          },
          {
            "name": "ADV-2011-0541",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0541"
          },
          {
            "name": "ADV-2011-0517",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0517"
          },
          {
            "name": "ADV-2011-0702",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0702"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.samba.org/samba/history/samba-3.4.12.html"
          },
          {
            "name": "SSRT100460",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
          },
          {
            "name": "ADV-2011-0518",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0518"
          },
          {
            "name": "FEDORA-2011-3118",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056241.html"
          },
          {
            "name": "43517",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43517"
          },
          {
            "name": "43557",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43557"
          },
          {
            "name": "43556",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43556"
          },
          {
            "name": "43512",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43512"
          },
          {
            "name": "USN-1075-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1075-1"
          },
          {
            "name": "ADV-2011-0519",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0519"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://samba.org/samba/security/CVE-2011-0719.html"
          },
          {
            "name": "ADV-2011-0520",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0520"
          },
          {
            "name": "FEDORA-2011-3120",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056229.html"
          },
          {
            "name": "43503",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43503"
          },
          {
            "name": "samba-fdset-dos(65724)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65724"
          },
          {
            "name": "RHSA-2011:0305",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0305.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.samba.org/samba/history/samba-3.5.7.html"
          },
          {
            "name": "43482",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43482"
          },
          {
            "name": "43843",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43843"
          },
          {
            "name": "MDVSA-2011:038",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:038"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.samba.org/samba/history/samba-3.3.15.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-28T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Samba 3.x before 3.3.15, 3.4.x before 3.4.12, and 3.5.x before 3.5.7 does not perform range checks for file descriptors before use of the FD_SET macro, which allows remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening a large number of files, related to (1) Winbind or (2) smbd."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "HPSBUX02657",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
        },
        {
          "name": "ADV-2011-0522",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0522"
        },
        {
          "name": "SSA:2011-059-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.593629"
        },
        {
          "name": "1025132",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025132"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=678328"
        },
        {
          "name": "RHSA-2011:0306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0306.html"
        },
        {
          "name": "DSA-2175",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2175"
        },
        {
          "name": "46597",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46597"
        },
        {
          "name": "ADV-2011-0541",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0541"
        },
        {
          "name": "ADV-2011-0517",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0517"
        },
        {
          "name": "ADV-2011-0702",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0702"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.samba.org/samba/history/samba-3.4.12.html"
        },
        {
          "name": "SSRT100460",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130835366526620\u0026w=2"
        },
        {
          "name": "ADV-2011-0518",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0518"
        },
        {
          "name": "FEDORA-2011-3118",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056241.html"
        },
        {
          "name": "43517",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43517"
        },
        {
          "name": "43557",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43557"
        },
        {
          "name": "43556",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43556"
        },
        {
          "name": "43512",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43512"
        },
        {
          "name": "USN-1075-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1075-1"
        },
        {
          "name": "ADV-2011-0519",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0519"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://samba.org/samba/security/CVE-2011-0719.html"
        },
        {
          "name": "ADV-2011-0520",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0520"
        },
        {
          "name": "FEDORA-2011-3120",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056229.html"
        },
        {
          "name": "43503",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43503"
        },
        {
          "name": "samba-fdset-dos(65724)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65724"
        },
        {
          "name": "RHSA-2011:0305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0305.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.samba.org/samba/history/samba-3.5.7.html"
        },
        {
          "name": "43482",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43482"
        },
        {
          "name": "43843",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43843"
        },
        {
          "name": "MDVSA-2011:038",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:038"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.samba.org/samba/history/samba-3.3.15.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0719",
    "datePublished": "2011-03-01T22:00:00",
    "dateReserved": "2011-01-31T00:00:00",
    "dateUpdated": "2024-08-06T22:05:52.974Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3864 (GCVE-0-2010-3864)

Vulnerability from cvelistv5

Published

2010-11-17 15:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography.

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html	vendor-advisory, x_refsource_FEDORA
	http://marc.info/?l=bugtraq&m=132828103218869&w=2	vendor-advisory, x_refsource_HP
	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.668793	vendor-advisory, x_refsource_SLACKWARE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/3041	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=132828103218869&w=2	vendor-advisory, x_refsource_HP
	http://securitytracker.com/id?1024743	vdb-entry, x_refsource_SECTRACK
	http://blogs.sun.com/security/entry/cve_2010_3864_race_condition	x_refsource_CONFIRM
	http://secunia.com/advisories/42413	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html	vendor-advisory, x_refsource_FEDORA
	http://openssl.org/news/secadv_20101116.txt	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html	vendor-advisory, x_refsource_SUSE
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html	mailing-list, x_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html	vendor-advisory, x_refsource_FEDORA
	http://www.kb.cert.org/vuls/id/737740	third-party-advisory, x_refsource_CERT-VN
	https://rhn.redhat.com/errata/RHSA-2010-0888.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/42397	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/42241	third-party-advisory, x_refsource_SECUNIA
	https://bugzilla.redhat.com/show_bug.cgi?id=649304	x_refsource_CONFIRM
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=129916880600544&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/57353	third-party-advisory, x_refsource_SECUNIA
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html	mailing-list, x_refsource_MLIST
	http://www.vupen.com/english/advisories/2010/3097	vdb-entry, x_refsource_VUPEN
	http://www.adobe.com/support/security/bulletins/apsb11-11.html	x_refsource_CONFIRM
	http://secunia.com/advisories/42336	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/42309	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/3077	vdb-entry, x_refsource_VUPEN
	http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc	vendor-advisory, x_refsource_FREEBSD
	http://secunia.com/advisories/44269	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/43312	third-party-advisory, x_refsource_SECUNIA
	http://www.vmware.com/security/advisories/VMSA-2011-0003.html	x_refsource_CONFIRM
	http://secunia.com/advisories/42243	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2010/3121	vdb-entry, x_refsource_VUPEN
	http://marc.info/?l=bugtraq&m=129916880600544&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/42352	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/516397/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.debian.org/security/2010/dsa-2125	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:11.631Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2010-17827",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"
          },
          {
            "name": "HPSBGN02740",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
          },
          {
            "name": "SSA:2010-326-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668793"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
          },
          {
            "name": "ADV-2010-3041",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3041"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "SSRT100741",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
          },
          {
            "name": "1024743",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024743"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"
          },
          {
            "name": "42413",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42413"
          },
          {
            "name": "FEDORA-2010-17826",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://openssl.org/news/secadv_20101116.txt"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "SUSE-SR:2010:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
          },
          {
            "name": "FEDORA-2010-17847",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"
          },
          {
            "name": "VU#737740",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/737740"
          },
          {
            "name": "RHSA-2010:0888",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"
          },
          {
            "name": "42397",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42397"
          },
          {
            "name": "SSRT100475",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "42241",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42241"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"
          },
          {
            "name": "HPSBMA02658",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "SSRT100413",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "HPSBUX02638",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
          },
          {
            "name": "57353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57353"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
          },
          {
            "name": "ADV-2010-3097",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3097"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
          },
          {
            "name": "42336",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42336"
          },
          {
            "name": "42309",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42309"
          },
          {
            "name": "ADV-2010-3077",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3077"
          },
          {
            "name": "FreeBSD-SA-10:10",
            "tags": [
              "vendor-advisory",
              "x_refsource_FREEBSD",
              "x_transferred"
            ],
            "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"
          },
          {
            "name": "44269",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44269"
          },
          {
            "name": "43312",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43312"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
          },
          {
            "name": "42243",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42243"
          },
          {
            "name": "HPSBOV02670",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "ADV-2010-3121",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/3121"
          },
          {
            "name": "SSRT100339",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
          },
          {
            "name": "42352",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42352"
          },
          {
            "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
          },
          {
            "name": "DSA-2125",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2010/dsa-2125"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-11-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to (1) the TLS server name extension and (2) elliptic curve cryptography."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-10T18:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2010-17827",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051170.html"
        },
        {
          "name": "HPSBGN02740",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
        },
        {
          "name": "SSA:2010-326-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.668793"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
        },
        {
          "name": "ADV-2010-3041",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3041"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "SSRT100741",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132828103218869\u0026w=2"
        },
        {
          "name": "1024743",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024743"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://blogs.sun.com/security/entry/cve_2010_3864_race_condition"
        },
        {
          "name": "42413",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42413"
        },
        {
          "name": "FEDORA-2010-17826",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051255.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://openssl.org/news/secadv_20101116.txt"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "SUSE-SR:2010:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
        },
        {
          "name": "FEDORA-2010-17847",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051237.html"
        },
        {
          "name": "VU#737740",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/737740"
        },
        {
          "name": "RHSA-2010:0888",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://rhn.redhat.com/errata/RHSA-2010-0888.html"
        },
        {
          "name": "42397",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42397"
        },
        {
          "name": "SSRT100475",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "42241",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42241"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=649304"
        },
        {
          "name": "HPSBMA02658",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "SSRT100413",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "HPSBUX02638",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
        },
        {
          "name": "57353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57353"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
        },
        {
          "name": "ADV-2010-3097",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3097"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb11-11.html"
        },
        {
          "name": "42336",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42336"
        },
        {
          "name": "42309",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42309"
        },
        {
          "name": "ADV-2010-3077",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3077"
        },
        {
          "name": "FreeBSD-SA-10:10",
          "tags": [
            "vendor-advisory",
            "x_refsource_FREEBSD"
          ],
          "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:10.openssl.asc"
        },
        {
          "name": "44269",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44269"
        },
        {
          "name": "43312",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43312"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2011-0003.html"
        },
        {
          "name": "42243",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42243"
        },
        {
          "name": "HPSBOV02670",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "ADV-2010-3121",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/3121"
        },
        {
          "name": "SSRT100339",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=129916880600544\u0026w=2"
        },
        {
          "name": "42352",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42352"
        },
        {
          "name": "20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/516397/100/0/threaded"
        },
        {
          "name": "DSA-2125",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2010/dsa-2125"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-3864",
    "datePublished": "2010-11-17T15:00:00",
    "dateReserved": "2010-10-08T00:00:00",
    "dateUpdated": "2024-08-07T03:26:11.631Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-4651 (GCVE-0-2010-4651)

Vulnerability from cvelistv5

Published

2011-03-11 22:00

Modified

2024-08-07 03:51

Severity ?

CWE

n/a

Summary

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0600	vdb-entry, x_refsource_VUPEN
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2011/01/06/20	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/46768	vdb-entry, x_refsource_BID
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://openwall.com/lists/oss-security/2011/01/06/21	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=667529	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html	vendor-advisory, x_refsource_FEDORA
	http://openwall.com/lists/oss-security/2011/01/06/19	mailing-list, x_refsource_MLIST
	http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1	x_refsource_CONFIRM
	http://secunia.com/advisories/43677	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html	vendor-advisory, x_refsource_FEDORA
	http://openwall.com/lists/oss-security/2011/01/05/10	mailing-list, x_refsource_MLIST
	http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/43663	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:17.968Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0600",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0600"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/06/20"
          },
          {
            "name": "46768",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46768"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/06/21"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667529"
          },
          {
            "name": "FEDORA-2011-1269",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html"
          },
          {
            "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/06/19"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1"
          },
          {
            "name": "43677",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43677"
          },
          {
            "name": "FEDORA-2011-1272",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html"
          },
          {
            "name": "[oss-security] 20110105 CVE request: patch directory traversal flaw",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2011/01/05/10"
          },
          {
            "name": "[bug-patch] 20101230 Directory traversal vulnerability in patch (or dpkg-source) (fwd)",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html"
          },
          {
            "name": "43663",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43663"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-12-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2011-0600",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0600"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/06/20"
        },
        {
          "name": "46768",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46768"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/06/21"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=667529"
        },
        {
          "name": "FEDORA-2011-1269",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html"
        },
        {
          "name": "[oss-security] 20110106 Re: CVE request: patch directory traversal flaw",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/06/19"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1"
        },
        {
          "name": "43677",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43677"
        },
        {
          "name": "FEDORA-2011-1272",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html"
        },
        {
          "name": "[oss-security] 20110105 CVE request: patch directory traversal flaw",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2011/01/05/10"
        },
        {
          "name": "[bug-patch] 20101230 Directory traversal vulnerability in patch (or dpkg-source) (fwd)",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html"
        },
        {
          "name": "43663",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43663"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2010-4651",
    "datePublished": "2011-03-11T22:00:00",
    "dateReserved": "2011-01-03T00:00:00",
    "dateUpdated": "2024-08-07T03:51:17.968Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0205 (GCVE-0-2011-0205)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48439	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.374Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48439",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48439"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-27T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48439",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48439"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0205",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG2000 image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48439",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48439"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0205",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-1132 (GCVE-0-2011-1132)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 22:14

Severity ?

CWE

n/a

Summary

The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.securityfocus.com/bid/48422	vdb-entry, x_refsource_BID
	http://support.apple.com/kb/HT4999	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T22:14:27.835Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-10-12-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "48422",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/48422"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-10-18T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-10-12-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "48422",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/48422"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4999"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2011-1132",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The IPv6 implementation in the kernel in Apple Mac OS X before 10.6.8 allows local users to cause a denial of service (NULL pointer dereference and reboot) via vectors involving socket options."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-10-12-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "48422",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/48422"
            },
            {
              "name": "http://support.apple.com/kb/HT4999",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4999"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2011-1132",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2011-03-02T00:00:00",
    "dateUpdated": "2024-08-06T22:14:27.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3835 (GCVE-0-2010-3835)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table.

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64843	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://bugs.mysql.com/bug.php?id=55564	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=640819	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:11.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "mysql-uservariable-dos(64843)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64843"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=55564"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640819"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "mysql-uservariable-dos(64843)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64843"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=55564"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640819"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3835",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (mysqld server crash) by performing a user-variable assignment in a logical expression that is calculated and stored in a temporary table for GROUP BY, then causing the expression value to be used after the table is created, which causes the expression to be re-evaluated instead of accessing its value from the table."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "mysql-uservariable-dos(64843)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64843"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=55564",
              "refsource": "MISC",
              "url": "http://bugs.mysql.com/bug.php?id=55564"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640819",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640819"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3835",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:11.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0211 (GCVE-0-2011-0211)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.402Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-08-03-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-08-11T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-08-03-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0211",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-08-03-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0211",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.402Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0014 (GCVE-0-2011-0014)

Vulnerability from cvelistv5

Published

2011-02-18 23:00

Modified

2024-08-06 21:36

Severity ?

CWE

n/a

Summary

ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."

References

URL

Tags

	http://www.vupen.com/english/advisories/2011/0361	vdb-entry, x_refsource_VUPEN
	http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.668823	vendor-advisory, x_refsource_SLACKWARE
	http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564	x_refsource_CONFIRM
	http://osvdb.org/70847	vdb-entry, x_refsource_OSVDB
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0399	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2011-0677.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/43301	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985	vdb-entry, signature, x_refsource_OVAL
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.vupen.com/english/advisories/2011/0387	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/43286	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2011/dsa-2162	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2011/0395	vdb-entry, x_refsource_VUPEN
	http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc	vendor-advisory, x_refsource_NETBSD
	http://www.ubuntu.com/usn/USN-1064-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/43227	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2011/0389	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2011:028	vendor-advisory, x_refsource_MANDRIVA
	http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html	vendor-advisory, x_refsource_FEDORA
	http://www.securityfocus.com/bid/46264	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/57353	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=131042179515633&w=2	vendor-advisory, x_refsource_HP
	http://www.openssl.org/news/secadv_20110208.txt	x_refsource_CONFIRM
	http://secunia.com/advisories/44269	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=130497251507577&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/43339	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=131042179515633&w=2	vendor-advisory, x_refsource_HP
	http://www.vupen.com/english/advisories/2011/0603	vdb-entry, x_refsource_VUPEN
	http://www.securitytracker.com/id?1025050	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/csp/article/K10534046	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:36:02.316Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2011-0361",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0361"
          },
          {
            "name": "SSA:2011-041-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.668823"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
          },
          {
            "name": "70847",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/70847"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "ADV-2011-0399",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0399"
          },
          {
            "name": "RHSA-2011:0677",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0677.html"
          },
          {
            "name": "43301",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43301"
          },
          {
            "name": "oval:org.mitre.oval:def:18985",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "ADV-2011-0387",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0387"
          },
          {
            "name": "43286",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43286"
          },
          {
            "name": "SUSE-SR:2011:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
          },
          {
            "name": "DSA-2162",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2162"
          },
          {
            "name": "ADV-2011-0395",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0395"
          },
          {
            "name": "NetBSD-SA2011-002",
            "tags": [
              "vendor-advisory",
              "x_refsource_NETBSD",
              "x_transferred"
            ],
            "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc"
          },
          {
            "name": "USN-1064-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1064-1"
          },
          {
            "name": "SSRT100475",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "HPSBMA02658",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "SSRT100413",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
          },
          {
            "name": "43227",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43227"
          },
          {
            "name": "ADV-2011-0389",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0389"
          },
          {
            "name": "MDVSA-2011:028",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028"
          },
          {
            "name": "FEDORA-2011-1273",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"
          },
          {
            "name": "46264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/46264"
          },
          {
            "name": "57353",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/57353"
          },
          {
            "name": "HPSBUX02689",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131042179515633\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openssl.org/news/secadv_20110208.txt"
          },
          {
            "name": "44269",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/44269"
          },
          {
            "name": "HPSBOV02670",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
          },
          {
            "name": "43339",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/43339"
          },
          {
            "name": "SSRT100494",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=131042179515633\u0026w=2"
          },
          {
            "name": "ADV-2011-0603",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0603"
          },
          {
            "name": "1025050",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1025050"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K10534046"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-02-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka \"OCSP stapling vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-27T17:06:06",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "ADV-2011-0361",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0361"
        },
        {
          "name": "SSA:2011-041-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2011\u0026m=slackware-security.668823"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564"
        },
        {
          "name": "70847",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/70847"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "ADV-2011-0399",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0399"
        },
        {
          "name": "RHSA-2011:0677",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0677.html"
        },
        {
          "name": "43301",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43301"
        },
        {
          "name": "oval:org.mitre.oval:def:18985",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18985"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "ADV-2011-0387",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0387"
        },
        {
          "name": "43286",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43286"
        },
        {
          "name": "SUSE-SR:2011:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"
        },
        {
          "name": "DSA-2162",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2162"
        },
        {
          "name": "ADV-2011-0395",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0395"
        },
        {
          "name": "NetBSD-SA2011-002",
          "tags": [
            "vendor-advisory",
            "x_refsource_NETBSD"
          ],
          "url": "http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc"
        },
        {
          "name": "USN-1064-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1064-1"
        },
        {
          "name": "SSRT100475",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "HPSBMA02658",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "SSRT100413",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"
        },
        {
          "name": "43227",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43227"
        },
        {
          "name": "ADV-2011-0389",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0389"
        },
        {
          "name": "MDVSA-2011:028",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:028"
        },
        {
          "name": "FEDORA-2011-1273",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html"
        },
        {
          "name": "46264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/46264"
        },
        {
          "name": "57353",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/57353"
        },
        {
          "name": "HPSBUX02689",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131042179515633\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openssl.org/news/secadv_20110208.txt"
        },
        {
          "name": "44269",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/44269"
        },
        {
          "name": "HPSBOV02670",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=130497251507577\u0026w=2"
        },
        {
          "name": "43339",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/43339"
        },
        {
          "name": "SSRT100494",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=131042179515633\u0026w=2"
        },
        {
          "name": "ADV-2011-0603",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0603"
        },
        {
          "name": "1025050",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1025050"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K10534046"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2011-0014",
    "datePublished": "2011-02-18T23:00:00",
    "dateReserved": "2010-12-07T00:00:00",
    "dateUpdated": "2024-08-06T21:36:02.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-3245 (GCVE-0-2009-3245)

Vulnerability from cvelistv5

Published

2010-03-05 19:00

Modified

2024-08-07 06:22

Severity ?

CWE

n/a

Summary

OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors.

References

URL

Tags

	http://www.vupen.com/english/advisories/2010/0916	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42724	third-party-advisory, x_refsource_SECUNIA
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/39461	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=openssl-cvs&m=126692159706582&w=2	mailing-list, x_refsource_MLIST
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html	vendor-advisory, x_refsource_FEDORA
	http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.663049	vendor-advisory, x_refsource_SLACKWARE
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=127678688104458&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=openssl-cvs&m=126692170906712&w=2	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/38761	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/38562	vdb-entry, x_refsource_BID
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html	mailing-list, x_refsource_MLIST
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=openssl-cvs&m=126692180606861&w=2	mailing-list, x_refsource_MLIST
	http://www.redhat.com/support/errata/RHSA-2010-0977.html	vendor-advisory, x_refsource_REDHAT
	http://www.vupen.com/english/advisories/2010/0839	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:076	vendor-advisory, x_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=127128920008563&w=2	vendor-advisory, x_refsource_HP
	https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-1003-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/39932	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2010/0933	vdb-entry, x_refsource_VUPEN
	http://www.redhat.com/support/errata/RHSA-2011-0896.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=127128920008563&w=2	vendor-advisory, x_refsource_HP
	https://kb.bluecoat.com/index?page=content&id=SA50	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2010/1216	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42733	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/37291	third-party-advisory, x_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html	vendor-advisory, x_refsource_FEDORA
	http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc	x_refsource_CONFIRM
	http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.html	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:22:24.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2010-0916",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0916"
          },
          {
            "name": "42724",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42724"
          },
          {
            "name": "oval:org.mitre.oval:def:11738",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738"
          },
          {
            "name": "39461",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39461"
          },
          {
            "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=openssl-cvs\u0026m=126692159706582\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "FEDORA-2010-5357",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
          },
          {
            "name": "SSA:2010-060-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_SLACKWARE",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.663049"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "oval:org.mitre.oval:def:6640",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640"
          },
          {
            "name": "HPSBOV02540",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127678688104458\u0026w=2"
          },
          {
            "name": "[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=openssl-cvs\u0026m=126692170906712\u0026w=2"
          },
          {
            "name": "38761",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/38761"
          },
          {
            "name": "SUSE-SR:2010:013",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
          },
          {
            "name": "38562",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/38562"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
          },
          {
            "name": "oval:org.mitre.oval:def:9790",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790"
          },
          {
            "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=openssl-cvs\u0026m=126692180606861\u0026w=2"
          },
          {
            "name": "RHSA-2010:0977",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
          },
          {
            "name": "ADV-2010-0839",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0839"
          },
          {
            "name": "MDVSA-2010:076",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
          },
          {
            "name": "HPSBUX02517",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
          },
          {
            "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
          },
          {
            "name": "USN-1003-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1003-1"
          },
          {
            "name": "39932",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/39932"
          },
          {
            "name": "ADV-2010-0933",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/0933"
          },
          {
            "name": "RHSA-2011:0896",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
          },
          {
            "name": "SSRT100058",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
          },
          {
            "name": "ADV-2010-1216",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/1216"
          },
          {
            "name": "42733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42733"
          },
          {
            "name": "37291",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37291"
          },
          {
            "name": "FEDORA-2010-5744",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-02-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-06-25T00:06:09",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2010-0916",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0916"
        },
        {
          "name": "42724",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42724"
        },
        {
          "name": "oval:org.mitre.oval:def:11738",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738"
        },
        {
          "name": "39461",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39461"
        },
        {
          "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=openssl-cvs\u0026m=126692159706582\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "FEDORA-2010-5357",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
        },
        {
          "name": "SSA:2010-060-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_SLACKWARE"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.663049"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "oval:org.mitre.oval:def:6640",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640"
        },
        {
          "name": "HPSBOV02540",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127678688104458\u0026w=2"
        },
        {
          "name": "[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=openssl-cvs\u0026m=126692170906712\u0026w=2"
        },
        {
          "name": "38761",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/38761"
        },
        {
          "name": "SUSE-SR:2010:013",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
        },
        {
          "name": "38562",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/38562"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
        },
        {
          "name": "oval:org.mitre.oval:def:9790",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790"
        },
        {
          "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=openssl-cvs\u0026m=126692180606861\u0026w=2"
        },
        {
          "name": "RHSA-2010:0977",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
        },
        {
          "name": "ADV-2010-0839",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0839"
        },
        {
          "name": "MDVSA-2010:076",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
        },
        {
          "name": "HPSBUX02517",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
        },
        {
          "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
        },
        {
          "name": "USN-1003-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1003-1"
        },
        {
          "name": "39932",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/39932"
        },
        {
          "name": "ADV-2010-0933",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/0933"
        },
        {
          "name": "RHSA-2011:0896",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
        },
        {
          "name": "SSRT100058",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
        },
        {
          "name": "ADV-2010-1216",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/1216"
        },
        {
          "name": "42733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42733"
        },
        {
          "name": "37291",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37291"
        },
        {
          "name": "FEDORA-2010-5744",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-3245",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2010-0916",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0916"
            },
            {
              "name": "42724",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42724"
            },
            {
              "name": "oval:org.mitre.oval:def:11738",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11738"
            },
            {
              "name": "39461",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39461"
            },
            {
              "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_1_0_0-stable: openssl/crypto/bn/ bn_div.c bn_gf...",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=openssl-cvs\u0026m=126692159706582\u0026w=2"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "FEDORA-2010-5357",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/039561.html"
            },
            {
              "name": "SSA:2010-060-02",
              "refsource": "SLACKWARE",
              "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2010\u0026m=slackware-security.663049"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "oval:org.mitre.oval:def:6640",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6640"
            },
            {
              "name": "HPSBOV02540",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=127678688104458\u0026w=2"
            },
            {
              "name": "[openssl-cvs] 20100223 OpenSSL: openssl/crypto/bn/ bn_div.c bn_gf2m.c openssl/crypto/ec...",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=openssl-cvs\u0026m=126692170906712\u0026w=2"
            },
            {
              "name": "38761",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/38761"
            },
            {
              "name": "SUSE-SR:2010:013",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"
            },
            {
              "name": "38562",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/38562"
            },
            {
              "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.0.6a has been released",
              "refsource": "MLIST",
              "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html"
            },
            {
              "name": "oval:org.mitre.oval:def:9790",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9790"
            },
            {
              "name": "[openssl-cvs] 20100223 OpenSSL: OpenSSL_0_9_8-stable: openssl/ CHANGES openssl/crypto/b...",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=openssl-cvs\u0026m=126692180606861\u0026w=2"
            },
            {
              "name": "RHSA-2010:0977",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0977.html"
            },
            {
              "name": "ADV-2010-0839",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0839"
            },
            {
              "name": "MDVSA-2010:076",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:076"
            },
            {
              "name": "HPSBUX02517",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
            },
            {
              "name": "[syslog-ng-announce] 20110110 syslog-ng Premium Edition 3.2.1a has been released",
              "refsource": "MLIST",
              "url": "https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html"
            },
            {
              "name": "USN-1003-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1003-1"
            },
            {
              "name": "39932",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/39932"
            },
            {
              "name": "ADV-2010-0933",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/0933"
            },
            {
              "name": "RHSA-2011:0896",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0896.html"
            },
            {
              "name": "SSRT100058",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=127128920008563\u0026w=2"
            },
            {
              "name": "https://kb.bluecoat.com/index?page=content\u0026id=SA50",
              "refsource": "CONFIRM",
              "url": "https://kb.bluecoat.com/index?page=content\u0026id=SA50"
            },
            {
              "name": "ADV-2010-1216",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/1216"
            },
            {
              "name": "42733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42733"
            },
            {
              "name": "37291",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37291"
            },
            {
              "name": "FEDORA-2010-5744",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038587.html"
            },
            {
              "name": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc",
              "refsource": "CONFIRM",
              "url": "http://aix.software.ibm.com/aix/efixes/security/openssl_advisory.asc"
            },
            {
              "name": "http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/153392/ABB-HMI-Outdated-Software-Components.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-3245",
    "datePublished": "2010-03-05T19:00:00",
    "dateReserved": "2009-09-18T00:00:00",
    "dateUpdated": "2024-08-07T06:22:24.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0201 (GCVE-0-2011-0201)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://support.apple.com/kb/HT4808	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.319Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4808"
          },
          {
            "name": "APPLE-SA-2011-07-20-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-07-23T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4808"
        },
        {
          "name": "APPLE-SA-2011-07-20-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0201",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Off-by-one error in the CoreFoundation framework in Apple Mac OS X before 10.6.8 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a CFString object that triggers a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "http://support.apple.com/kb/HT4808",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4808"
            },
            {
              "name": "APPLE-SA-2011-07-20-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jul/msg00002.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0201",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.319Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2011-0209 (GCVE-0-2011-0209)

Vulnerability from cvelistv5

Published

2011-06-24 20:00

Modified

2024-08-06 21:43

Severity ?

CWE

n/a

Summary

Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file.

References

URL

Tags

	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html	vendor-advisory, x_refsource_APPLE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:43:15.261Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "APPLE-SA-2011-08-03-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-06-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2011-08-11T09:00:00",
        "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
        "shortName": "apple"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "APPLE-SA-2011-08-03-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "product-security@apple.com",
          "ID": "CVE-2011-0209",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted RIFF WAV file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "APPLE-SA-2011-08-03-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Aug/msg00000.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
    "assignerShortName": "apple",
    "cveId": "CVE-2011-0209",
    "datePublished": "2011-06-24T20:00:00",
    "dateReserved": "2010-12-23T00:00:00",
    "dateUpdated": "2024-08-06T21:43:15.261Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3837 (GCVE-0-2010-3837)

Vulnerability from cvelistv5

Published

2011-01-14 18:00

Modified

2024-08-07 03:26

Severity ?

CWE

n/a

Summary

MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object.

References

URL

Tags

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html	x_refsource_CONFIRM
	http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1397-1	vendor-advisory, x_refsource_UBUNTU
	http://support.apple.com/kb/HT4723	x_refsource_CONFIRM
	http://secunia.com/advisories/42875	third-party-advisory, x_refsource_SECUNIA
	http://www.ubuntu.com/usn/USN-1017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html	vendor-advisory, x_refsource_APPLE
	http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt	vendor-advisory, x_refsource_TURBO
	http://www.vupen.com/english/advisories/2011/0105	vdb-entry, x_refsource_VUPEN
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:222	vendor-advisory, x_refsource_MANDRIVA
	http://www.redhat.com/support/errata/RHSA-2011-0164.html	vendor-advisory, x_refsource_REDHAT
	http://bugs.mysql.com/bug.php?id=54476	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2011/0170	vdb-entry, x_refsource_VUPEN
	http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html	x_refsource_CONFIRM
	http://www.debian.org/security/2011/dsa-2143	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/43676	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2011/0345	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/42936	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/64841	vdb-entry, x_refsource_XF
	https://bugzilla.redhat.com/show_bug.cgi?id=640856	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2010-0825.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2010:223	vendor-advisory, x_refsource_MANDRIVA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:26:11.503Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
          },
          {
            "name": "USN-1397-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1397-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT4723"
          },
          {
            "name": "42875",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42875"
          },
          {
            "name": "USN-1017-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1017-1"
          },
          {
            "name": "APPLE-SA-2011-06-23-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
          },
          {
            "name": "TLSA-2011-3",
            "tags": [
              "vendor-advisory",
              "x_refsource_TURBO",
              "x_transferred"
            ],
            "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
          },
          {
            "name": "ADV-2011-0105",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0105"
          },
          {
            "name": "MDVSA-2010:222",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
          },
          {
            "name": "RHSA-2011:0164",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.mysql.com/bug.php?id=54476"
          },
          {
            "name": "ADV-2011-0170",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0170"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
          },
          {
            "name": "DSA-2143",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2011/dsa-2143"
          },
          {
            "name": "43676",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/43676"
          },
          {
            "name": "ADV-2011-0345",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2011/0345"
          },
          {
            "name": "42936",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42936"
          },
          {
            "name": "mysql-prepared-statement-dos(64841)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64841"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640856"
          },
          {
            "name": "RHSA-2010:0825",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
          },
          {
            "name": "MDVSA-2010:223",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-04T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T18:57:02",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
        },
        {
          "name": "USN-1397-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1397-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT4723"
        },
        {
          "name": "42875",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42875"
        },
        {
          "name": "USN-1017-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1017-1"
        },
        {
          "name": "APPLE-SA-2011-06-23-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
        },
        {
          "name": "TLSA-2011-3",
          "tags": [
            "vendor-advisory",
            "x_refsource_TURBO"
          ],
          "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
        },
        {
          "name": "ADV-2011-0105",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0105"
        },
        {
          "name": "MDVSA-2010:222",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
        },
        {
          "name": "RHSA-2011:0164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.mysql.com/bug.php?id=54476"
        },
        {
          "name": "ADV-2011-0170",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0170"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
        },
        {
          "name": "DSA-2143",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2011/dsa-2143"
        },
        {
          "name": "43676",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/43676"
        },
        {
          "name": "ADV-2011-0345",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2011/0345"
        },
        {
          "name": "42936",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42936"
        },
        {
          "name": "mysql-prepared-statement-dos(64841)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64841"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640856"
        },
        {
          "name": "RHSA-2010:0825",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
        },
        {
          "name": "MDVSA-2010:223",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of service (server crash) via a prepared statement that uses GROUP_CONCAT with the WITH ROLLUP modifier, probably triggering a use-after-free error when a copied object is modified in a way that also affects the original object."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.5/en/news-5-5-6.html"
            },
            {
              "name": "USN-1397-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1397-1"
            },
            {
              "name": "http://support.apple.com/kb/HT4723",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT4723"
            },
            {
              "name": "42875",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42875"
            },
            {
              "name": "USN-1017-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1017-1"
            },
            {
              "name": "APPLE-SA-2011-06-23-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html"
            },
            {
              "name": "TLSA-2011-3",
              "refsource": "TURBO",
              "url": "http://www.turbolinux.co.jp/security/2011/TLSA-2011-3j.txt"
            },
            {
              "name": "ADV-2011-0105",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0105"
            },
            {
              "name": "MDVSA-2010:222",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:222"
            },
            {
              "name": "RHSA-2011:0164",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-0164.html"
            },
            {
              "name": "http://bugs.mysql.com/bug.php?id=54476",
              "refsource": "CONFIRM",
              "url": "http://bugs.mysql.com/bug.php?id=54476"
            },
            {
              "name": "ADV-2011-0170",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0170"
            },
            {
              "name": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html",
              "refsource": "CONFIRM",
              "url": "http://dev.mysql.com/doc/refman/5.0/en/news-5-0-92.html"
            },
            {
              "name": "DSA-2143",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2011/dsa-2143"
            },
            {
              "name": "43676",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/43676"
            },
            {
              "name": "ADV-2011-0345",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2011/0345"
            },
            {
              "name": "42936",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42936"
            },
            {
              "name": "mysql-prepared-statement-dos(64841)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64841"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=640856",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=640856"
            },
            {
              "name": "RHSA-2010:0825",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2010-0825.html"
            },
            {
              "name": "MDVSA-2010:223",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:223"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3837",
    "datePublished": "2011-01-14T18:00:00",
    "dateReserved": "2010-10-07T00:00:00",
    "dateUpdated": "2024-08-07T03:26:11.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2011-AVI-369

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature

Action not permitted

CERTA-2011-AVI-369

Vulnerability from certfr_avis

Description

Solution

CVE-2010-0740 (GCVE-0-2010-0740)

Vulnerability from cvelistv5

CVE-2011-0206 (GCVE-0-2011-0206)

Vulnerability from cvelistv5

CVE-2011-0195 (GCVE-0-2011-0195)

Vulnerability from cvelistv5

CVE-2011-0204 (GCVE-0-2011-0204)

Vulnerability from cvelistv5

CVE-2010-3069 (GCVE-0-2010-3069)

Vulnerability from cvelistv5

CVE-2010-3834 (GCVE-0-2010-3834)

Vulnerability from cvelistv5

CVE-2010-3790 (GCVE-0-2010-3790)

Vulnerability from cvelistv5

CVE-2011-0197 (GCVE-0-2011-0197)

Vulnerability from cvelistv5

CVE-2010-4180 (GCVE-0-2010-4180)

Vulnerability from cvelistv5

CVE-2010-2632 (GCVE-0-2010-2632)

Vulnerability from cvelistv5

CVE-2011-0198 (GCVE-0-2011-0198)

Vulnerability from cvelistv5

CVE-2011-0207 (GCVE-0-2011-0207)

Vulnerability from cvelistv5

CVE-2011-0715 (GCVE-0-2011-0715)

Vulnerability from cvelistv5

CVE-2010-3682 (GCVE-0-2010-3682)

Vulnerability from cvelistv5

CVE-2010-3833 (GCVE-0-2010-3833)

Vulnerability from cvelistv5

CVE-2010-3677 (GCVE-0-2010-3677)

Vulnerability from cvelistv5

CVE-2011-0203 (GCVE-0-2011-0203)

Vulnerability from cvelistv5

CVE-2010-3836 (GCVE-0-2010-3836)

Vulnerability from cvelistv5

CVE-2011-0199 (GCVE-0-2011-0199)

Vulnerability from cvelistv5

CVE-2011-0200 (GCVE-0-2011-0200)

Vulnerability from cvelistv5

CVE-2011-0208 (GCVE-0-2011-0208)

Vulnerability from cvelistv5

CVE-2011-0212 (GCVE-0-2011-0212)

Vulnerability from cvelistv5

CVE-2010-3838 (GCVE-0-2010-3838)

Vulnerability from cvelistv5

CVE-2011-0213 (GCVE-0-2011-0213)

Vulnerability from cvelistv5

CVE-2011-0196 (GCVE-0-2011-0196)

Vulnerability from cvelistv5

CVE-2011-0210 (GCVE-0-2011-0210)

Vulnerability from cvelistv5

CVE-2011-0202 (GCVE-0-2011-0202)

Vulnerability from cvelistv5

CVE-2011-0719 (GCVE-0-2011-0719)

Vulnerability from cvelistv5

CVE-2010-3864 (GCVE-0-2010-3864)

Vulnerability from cvelistv5

CVE-2010-4651 (GCVE-0-2010-4651)

Vulnerability from cvelistv5

CVE-2011-0205 (GCVE-0-2011-0205)

Vulnerability from cvelistv5

CVE-2011-1132 (GCVE-0-2011-1132)

Vulnerability from cvelistv5

CVE-2010-3835 (GCVE-0-2010-3835)

Vulnerability from cvelistv5

CVE-2011-0211 (GCVE-0-2011-0211)

Vulnerability from cvelistv5

CVE-2011-0014 (GCVE-0-2011-0014)

Vulnerability from cvelistv5

CVE-2009-3245 (GCVE-0-2009-3245)

Vulnerability from cvelistv5

CVE-2011-0201 (GCVE-0-2011-0201)

Vulnerability from cvelistv5

CVE-2011-0209 (GCVE-0-2011-0209)