Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2010-4254
HistoryDec 06, 2010 - 12:00 a.m.

CVE-2010-4254

2010-12-0600:00:00
ubuntu.com
ubuntu.com
6

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.347 Low

EPSS

Percentile

97.1%

JSON

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used,
does not properly validate arguments to generic methods, which allows
remote attackers to bypass generic constraints, and possibly execute
arbitrary code, via a crafted method call.

Bugs

Notes

Author Note
mdeslaur upstream note: The bug (and fix) is in mono source code but can only be exploited (by untrusted applications) when used by Moonlight. Setting severity to negligile.

Related

prion 1
packetstorm 1
cve 1
nessus 5
fedora 2
openvas 6
gentoo 1
prion
prion
Security feature bypass
2010-12-06 13:44:00
packetstorm
packetstorm
Mono/Moonlight Local Privilege Escalation
2011-01-11 00:00:00
cve
cve
CVE-2010-4254
2010-12-06 13:44:00
nessus
nessus
openSUSE Security Update : libmoon-devel (openSUSE-SU-2010:1062-1)
2014-06-13 00:00:00
SuSE 11.1 Security Update : moonlight-plugin (SAT Patch Number 3606)
2011-01-21 00:00:00
SuSE 11.1 Security Update : moonlight (SAT Patch Number 3728)
2011-01-21 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: mono-addins-0.5-2.fc14
2011-03-31 17:00:53
[SECURITY] Fedora 14 Update: mono-2.6.7-4.fc14
2011-03-31 17:00:53
openvas
openvas
Fedora Update for mono FEDORA-2011-3393
2011-04-01 00:00:00
Fedora Update for mono-addins FEDORA-2011-3393
2011-04-01 00:00:00
Fedora Update for mono-addins FEDORA-2011-3393
2011-04-01 00:00:00
gentoo
gentoo
Mono: Multiple vulnerabilities
2012-06-21 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.347 Low

EPSS

Percentile

97.1%

JSON
Related for UB:CVE-2010-4254
prion1packetstorm1cve1nessus5fedora2openvas6gentoo1