LiveActive security incident?Get immediate response
CVE archive

September 2010

Browse CVE records published in September 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 397 matching CVEs · Page 3 of 8.

Unknown · CVSS Not scored

CVE-2010-3244: BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 re...

BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml field value, which allows local users to discover the database password via a modified connection.xml file that contains an encrypted password in the <Server> field.

Published Sep 7, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5211: Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan ho...

Untrusted search path vulnerability in ALSee 6.20.0.1 allows local users to gain privileges via a Trojan horse patchani.dll file in the current working directory, as demonstrated by a directory that contains a .ani, .bmp, .cal, .hdp, .jpe, .mac, .pbm, .pcx, .pgm, .png, .psd, .ras, .tga, or .tiff file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2739: Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2...

Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2003 R2 Enterprise SP2, Vista Business SP1, Windows 7, and Server 2008 SP2 allows local users to cause a denial of service (crash) and possibly execute arbitrary code by performing a clipboard operation (GetClipboardData API function) with a crafted bitmap with a palette that contains a large number of colors.

Published Sep 7, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-3485: SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary...

SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arbitrary SQL commands via the userhandle cookie to LightNEasy.php, a different vector than CVE-2008-6593. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 22, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-3313: phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupw...

phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309; allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) aspell_path or (2) spellchecker_lang parameters.

Published Sep 22, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5196: Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privile...

Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5241: Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privilege...

Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5269: Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows loca...

Untrusted search path vulnerability in tbb.dll in Intel Threading Building Blocks (TBB) 2.2.013 allows local users to gain privileges via a Trojan horse tbbmalloc.dll file in the current working directory, as demonstrated by a directory that contains a .pbk file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5198: Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileg...

Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5203: Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure...

Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5271: Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to ga...

Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mfd file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-3094: Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated us...

Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action description, (2) an action message, (3) a node, or (4) a taxonomy term, related to the actions feature and the trigger module.

Published Sep 21, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2836: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled...

Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685.

Published Sep 23, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5219: Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Troj...

Untrusted search path vulnerability in SmartFTP 4.0.1140.0 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .html, or .mpg file. NOTE: some of these details are obtained from third party information.

Published Sep 6, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5244: Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite 2010.7.16.52 allows local users to gain...

Untrusted search path vulnerability in SiSoftware Sandra 2010 Lite 2010.7.16.52 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .sis file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5226: Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users t...

Multiple untrusted search path vulnerabilities in Autodesk Design Review 2011 11.0.0.86 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll, (2) whiptk_wt.7.12.601.dll, or (3) xaml_wt.7.6.0.dll file in the current working directory, as demonstrated by a directory that contains a .dwf file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5273: Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gai...

Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .dbdif file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5236: Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain pri...

Untrusted search path vulnerability in Roxio Easy Media Creator Home 9.0.136 allows local users to gain privileges via a Trojan horse homeutils9.dll file in the current working directory, as demonstrated by a directory that contains a .roxio, .c2d, or .gi file. NOTE: some of these details are obtained from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5259: Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow local users to gain privileges via a...

Multiple untrusted search path vulnerabilities in IsoBuster 2.8 allow local users to gain privileges via a Trojan horse (1) wnaspi32.dll or (2) ntaspi32.dll file in the current working directory, as demonstrated by a directory that contains a .img file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Published Sep 7, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2841: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before...

Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938.

Published Sep 10, 2010 · Updated Sep 16, 2024