LiveActive security incident?Get immediate response
CVE archive

September 2010

Browse CVE records published in September 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 397 matching CVEs · Page 1 of 8.

High · CVSS 7.3 · CISA KEV

CVE-2010-2883: Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2....

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information.

Published Sep 9, 2010 · Updated Oct 22, 2025

High · CVSS 8.8

CVE-2010-0820: Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Dir...

Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Active Directory in Microsoft Windows Server 2003 SP2 and Windows Server 2008 Gold, SP2, and R2; Active Directory Application Mode (ADAM) in Windows XP SP2 and SP3 and Windows Server 2003 SP2; and Active Directory Lightweight Directory Service (AD LDS) in Windows Vista SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7, allows remote authenticated users to execute arbitrary code via malformed LDAP messages, aka "LSASS Heap Overflow Vulnerability."

Published Sep 15, 2010 · Updated Oct 17, 2024

Unknown · CVSS Not scored

CVE-2010-5267: Untrusted search path vulnerability in MunSoft Easy Office Recovery 1.1 allows local users to gain privileg...

Untrusted search path vulnerability in MunSoft Easy Office Recovery 1.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .ppt file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5257: Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 allow local users to gain privileges v...

Multiple untrusted search path vulnerabilities in ArchiCAD 13 and 14 allow local users to gain privileges via a Trojan horse (1) srcsrv.dll or (2) GSAutoTester.DLL file in the current working directory, as demonstrated by a directory that contains a .2df file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-0574: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2...

Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653.

Published Sep 10, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5245: Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privile...

Untrusted search path vulnerability in PDF-XChange Viewer 2.0 Build 54.0 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5249: Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 and Sophos SafeGuard PrivateCrypto 2...

Untrusted search path vulnerability in Sophos Free Encryption 2.40.1.1 and Sophos SafeGuard PrivateCrypto 2.40.1.2 allows local users to gain privileges via a Trojan horse pcrypt0406.dll file in the current working directory, as demonstrated by a directory that contains a .uti file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5239: Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows...

Untrusted search path vulnerability in DAEMON Tools Lite 4.35.6.0091 and Pro Standard 4.36.0309.0160 allows local users to gain privileges via a Trojan horse mfc80loc.dll file in the current working directory, as demonstrated by a directory that contains a .mds file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5215: Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 2009.11.30 allow local users to gain privi...

Multiple untrusted search path vulnerabilities in SWiSH Max3 3.0 2009.11.30 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) SWiSHmax3res.dll file in the current working directory, as demonstrated by a directory that contains a .swi file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5220: Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges v...

Untrusted search path vulnerability in MEO Encryption Software 2.02 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .meo or .cry file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5251: Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges...

Multiple untrusted search path vulnerabilities in IBM Lotus Notes 8.5 allow local users to gain privileges via a Trojan horse (1) nnoteswc.dll or (2) nlsxbe.dll file in the current working directory, as demonstrated by a directory that contains a .vcf, .vcs, or .ics file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5264: Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ProfUIS290m.dll and ProfUIS290m-RDE.d...

Untrusted search path vulnerability in the CExtDWM::CExtDWM method in ProfUIS290m.dll and ProfUIS290m-RDE.dll in Prof-UIS before 2.9.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2834: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Uni...

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987.

Published Sep 23, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5212: Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local us...

Untrusted search path vulnerability in Adobe LiveCycle Designer ES2 9.0.0.20091029.1.612548 allows local users to gain privileges via a Trojan horse objectassisten_US.dll file in the current working directory, as demonstrated by a directory that contains a .tds file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5268: Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileg...

Untrusted search path vulnerability in Amazon Kindle for PC 1.3.0 30884 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .azw file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5222: Untrusted search path vulnerability in Ease Jukebox 1.40 allows local users to gain privileges via a Trojan...

Untrusted search path vulnerability in Ease Jukebox 1.40 allows local users to gain privileges via a Trojan horse wmaudsdk.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 or .wav file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5247: Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 allows local users to gain privileges vi...

Untrusted search path vulnerability in QtWeb Browser 3.3 build 043 allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .html, .htm, or .mhtml file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5254: Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 2009 Home Edition allows local users t...

Untrusted search path vulnerability in GFI Backup 3.1 Build 20100730 2009 Home Edition allows local users to gain privileges via a Trojan horse ArmAccess.dll file in the current working directory, as demonstrated by a directory that contains a .gbc or .gbt file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5208: Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets co...

Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a .xls, .ppt, .rtf, or .doc file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5227: Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Troja...

Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5205: Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privi...

Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .psw file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5238: Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privile...

Untrusted search path vulnerability in CyberLink PowerDirector 8.00.3022 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdl, .iso, .pds, .p2g, or .p2i file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2532: lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the...

lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not lock the screen when the Suspend or Hibernate button is pressed, which might make it easier for physically proximate attackers to access an unattended laptop via a resume action. NOTE: there is no general agreement that this is a vulnerability, because separate control over locking can be an equally secure, or more secure, behavior in some threat environments.

Published Sep 3, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5231: Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Troj...

Untrusted search path vulnerability in DivX Player 7.2.019 allows local users to gain privileges via a Trojan horse VersionCheckDLL.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5240: Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local...

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-3402: Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and pro...

Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, and probably other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a bin, cpp, css, c, dat, hpp, html, h, ini, java, log, mak, php, prj, txt, or xml file.

Published Sep 16, 2010 · Updated Sep 17, 2024