CVE-2010-4254
CVE-2010-4254
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.
Produtos afetados
n/a · n/aPoCs públicas encontradas — 2
cve_referencewww.exploit-db.com/exploits/15974não verificadoexploitdbwww.exploit-db.com/exploits/15974não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.htmlhttp://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlhttps://bugzilla.novell.com/show_bug.cgi?id=654136https://bugzilla.novell.com/show_bug.cgi?id=655847http://secunia.com/advisories/42373http://secunia.com/advisories/42877https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcachttp://www.exploit-db.com/exploits/15974http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerabilityhttp://www.securityfocus.com/bid/45051