Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2010-4254 | First vendor Publication | 2010-12-06 |
Vendor | Cve | Last vendor Modification | 2011-02-02 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4254 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-10 | Name : Gentoo Security Advisory GLSA 201206-13 (mono mono-debugger) File : nvt/glsa_201206_13.nasl |
2011-04-01 | Name : Fedora Update for mono-addins FEDORA-2011-3393 File : nvt/gb_fedora_2011_3393_mono-addins_fc14.nasl |
2011-04-01 | Name : Fedora Update for mono FEDORA-2011-3393 File : nvt/gb_fedora_2011_3393_mono_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
69619 | Mono on Moonlight Unspecified Generic Constraints Bypass Mono on Moonlight contains a flaw related to insufficient validation of arguments. The issue is triggered when remote attacker uses a crafted method call to bypass security policies or potentially execute arbitrary code. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-06-13 | Name : The remote openSUSE host is missing a security update. File : suse_11_3_libmoon-devel-101208.nasl - Type : ACT_GATHER_INFO |
2012-06-22 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201206-13.nasl - Type : ACT_GATHER_INFO |
2011-04-01 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2011-3393.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libmoon-devel-101222.nasl - Type : ACT_GATHER_INFO |
2011-01-21 | Name : The remote SuSE 11 host is missing a security update. File : suse_11_moonlight-plugin-101130.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2020-05-23 01:43:03 |
|
2020-05-23 00:26:55 |
|
2016-04-26 20:14:20 |
|
2014-06-14 13:29:46 |
|
2014-02-17 10:58:37 |
|
2013-05-10 23:36:54 |
|