CVE-2010-4424

This is an entry in the Common Vulnerability Index under number CVE-2010-4424. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-4424

Description: Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.0 through 8.49.29, 8.50.0 through 8.50.14, and 8.51.0 through 8.51.04 allows remote attackers to affect availability via unknown vectors related to the Security sub-component.

Continue Reading …

CVE-2010-4764

This is an entry in the Common Vulnerability Index under number CVE-2010-4764. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-4764

Description: Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does not present warnings about incoming encrypted e-mail messages that were based on revoked PGP or GPG keys,

Continue Reading …

CVE-2010-5069

This is an entry in the Common Vulnerability Index under number CVE-2010-5069. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-5069

Description: The Cascading Style Sheets (CSS) implementation in Google Chrome 4 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document.

Continue Reading …

CVE-2010-5317

This is an entry in the Common Vulnerability Index under number CVE-2010-5317. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-5317

Description: Multiple SQL injection vulnerabilities in index.php in SweetRice CMS before 0.6.7.1 allow remote attackers to execute arbitrary SQL commands via (1) the file_name parameter in an attachment action,

Continue Reading …

CVE-2010-4733

This is an entry in the Common Vulnerability Index under number CVE-2010-4733. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-4733

Description: WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU – TCP Gateway MB100, and Serial Ethernet Server SS100 on the IntelliCom NetBiter NB100 and NB200 platforms have a default username and password,

Continue Reading …

CVE-2010-4706

This is an entry in the Common Vulnerability Index under number CVE-2010-4706. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-4706

Description: The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earlier does not properly handle a failure to determine a certain target uid,

Continue Reading …

CVE-2010-5234

This is an entry in the Common Vulnerability Index under number CVE-2010-5234. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-5234

Description: Multiple untrusted search path vulnerabilities in Camtasia Studio 7.0.1 build 57 allow local users to gain privileges via a Trojan horse (1) MFC90ENU.DLL or (2) MFC90LOC.DLL file in the current working directory,

Continue Reading …

CVE-2010-5034

This is an entry in the Common Vulnerability Index under number CVE-2010-5034. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-5034

Description: SQL injection vulnerability in viewhistorydetail.php in iScripts EasyBiller 1.1 allows remote attackers to execute arbitrary SQL commands via the planid parameter.

Status: Candidate

Note for CVEs with status “Candidate”: Candidates must be reviewed and accepted by the CVE Editorial Board before they can be added to the official CVE list.Continue Reading …

CVE-2010-4841

This is an entry in the Common Vulnerability Index under number CVE-2010-4841. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-4841

Description: Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine EventLog Analyzer 6.1 allow remote attackers to inject arbitrary web script or HTML via the (1) HOST_ID,

Continue Reading …

CVE-2010-5097

This is an entry in the Common Vulnerability Index under number CVE-2010-5097. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2010-5097

Description: Cross-site scripting (XSS) vulnerability in the click enlarge functionality in TYPO3 4.3.x before 4.3.9 and 4.4.x before 4.4.5 when the caching framework is enabled,

Continue Reading …