Lucene search

K

PRIOn knowledge basePRION:CVE-2010-2941

HistoryNov 05, 2010 - 5:00 p.m.

Cross site request forgery (csrf)

2010-11-0517:00:00

PRIOn knowledge base

www.prio-n.com

7

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.691 Medium

EPSS

Percentile

97.9%

ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request.

CPENameOperatorVersion
cupsle1.4.4
mac_os_xge10.6.0
mac_os_xle10.6.4
mac_os_xlt10.5.8
mac_os_x_serverge10.6.0
mac_os_x_serverle10.6.4
mac_os_x_serverlt10.5.8
ubuntu_linuxeq10.10
ubuntu_linuxeq9.10
ubuntu_linuxeq10.04

Rows per page:

1-10 of 281

References

blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox

lists.apple.com/archives/security-announce/2010//Nov/msg00000.html

lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

rhn.redhat.com/errata/RHSA-2010-0811.html

secunia.com/advisories/42287

secunia.com/advisories/42867

secunia.com/advisories/43521

security.gentoo.org/glsa/glsa-201207-10.xml

securitytracker.com/id?1024662

slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.468323

support.apple.com/kb/HT4435

www.debian.org/security/2011/dsa-2176

www.mandriva.com/security/advisories?name=MDVSA-2010:232

www.mandriva.com/security/advisories?name=MDVSA-2010:233

www.mandriva.com/security/advisories?name=MDVSA-2010:234

www.osvdb.org/68951

www.redhat.com/support/errata/RHSA-2010-0866.html

www.securityfocus.com/bid/44530

www.ubuntu.com/usn/USN-1012-1

www.vupen.com/english/advisories/2010/2856

www.vupen.com/english/advisories/2010/3042

www.vupen.com/english/advisories/2010/3088

www.vupen.com/english/advisories/2011/0061

www.vupen.com/english/advisories/2011/0535

bugzilla.redhat.com/show_bug.cgi?id=624438

exchange.xforce.ibmcloud.com/vulnerabilities/62882

lists.fedoraproject.org/pipermail/package-announce/2010-November/050977.html

lists.fedoraproject.org/pipermail/package-announce/2010-November/051277.html

lists.fedoraproject.org/pipermail/package-announce/2010-November/051301.html

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.691 Medium

EPSS

Percentile

97.9%

Related for PRION:CVE-2010-2941

nessus24 slackware1 ubuntu1 openvas27 checkpoint_advisories1 redhat2 cve1 ubuntucve1 fedora4 veracode1 debiancve1 oraclelinux2 centos1 osv1 debian1 gentoo1 securityvulns2