LiveActive security incident?Get immediate response
CVE archive

September 2010

Browse CVE records published in September 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 397 matching CVEs · Page 2 of 8.

Unknown · CVSS Not scored

CVE-2010-5207: Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users t...

Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .odg file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5223: Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain...

Multiple untrusted search path vulnerabilities in Phoenix Project Manager 2.1.0.8 allow local users to gain privileges via a Trojan horse (1) wbtrv32.dll or (2) w3btrv7.dll file in the current working directory, as demonstrated by a directory that contains a .ppx file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5230: Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via...

Multiple untrusted search path vulnerabilities in MicroStation 7.1 allow local users to gain privileges via a Trojan horse (1) mptools.dll, (2) baseman.dll, (3) wintab32.dll, or (4) wintab.dll file in the current working directory, as demonstrated by a directory that contains a .hln or .rdl file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2843: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users t...

Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033.

Published Sep 10, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5258: Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 allows local users to gain privilege...

Untrusted search path vulnerability in Adobe Audition 3.0 build 7283.0 allows local users to gain privileges via a Trojan horse Assist.Dll file in the current working directory, as demonstrated by a directory that contains a .ses file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2835: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Uni...

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358.

Published Sep 23, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-3008: Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (S...

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.

Published Sep 13, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5270: Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to...

Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to gain privileges via a Trojan horse (1) ibfs32.dll or (2) amt_cdb.dll file in the current working directory, as demonstrated by a directory that contains a .adcp file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-5216: Untrusted search path vulnerability in LINGO 11.0.1.6 and 12.0.2.20 allows local users to gain privileges v...

Untrusted search path vulnerability in LINGO 11.0.1.6 and 12.0.2.20 allows local users to gain privileges via a Trojan horse myuser.dll file in the current working directory, as demonstrated by a directory that contains a .ltf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2012 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2842: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users t...

Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033.

Published Sep 10, 2010 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2010-2530: Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and ear...

Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call.

Published Sep 29, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5224: Untrusted search path vulnerability in Cool iPhone Ringtone Maker 2.2.3 allows local users to gain privileg...

Untrusted search path vulnerability in Cool iPhone Ringtone Maker 2.2.3 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5263: Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 Build 610 allows local users to gain priv...

Untrusted search path vulnerability in Sothink SWF Decompiler 6.0 Build 610 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .flv file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5199: Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 allows local users to gain privileges vi...

Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 allows local users to gain privileges via a Trojan horse bwsconst.dll file in the current working directory, as demonstrated by a directory that contains a .ufp or .ufo file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5217: Multiple untrusted search path vulnerabilities in TuneUp Utilities 2009 8.0.3310 and 2010 9.0.4600 allow lo...

Multiple untrusted search path vulnerabilities in TuneUp Utilities 2009 8.0.3310 and 2010 9.0.4600 allow local users to gain privileges via a Trojan horse (1) wscapi.dll or (2) vclib32.dll file in the current working directory, as demonstrated by a directory that contains a .tvs file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5261: Untrusted search path vulnerability in SnowFox Total Video Converter 2.5.1 allows local users to gain privi...

Untrusted search path vulnerability in SnowFox Total Video Converter 2.5.1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .avi file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-1326: perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before buil...

perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrary modules and directories within CVSROOT, and execute arbitrary code via a crafted branch name ACL, possibly related to incorrect inheritance.

Published Sep 15, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5246: Multiple untrusted search path vulnerabilities in Maxthon Browser 1.6.7.35 and 2.5.15 allow local users to...

Multiple untrusted search path vulnerabilities in Maxthon Browser 1.6.7.35 and 2.5.15 allow local users to gain privileges via a Trojan horse (1) RSRC32.dll or (2) dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .html file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5204: Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users...

Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm, .odt, .otp, .stc, .stw, .sxg, or .sxw file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5079: SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) th...

SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.

Published Sep 17, 2012 · Updated Sep 16, 2024