CVE-2010-0935
published 2010-03-05CVE-2010-0935: Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
PriorityP423medium4.6CVSS 2.0
AVNACHAuSCPIPAP
EPSS
1.57%
72.3th percentile
Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| perforce | perforce_server | <= 2009.2 | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
| perforce | perforce_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Perforce Server up to 2009.2 access control (SBV-26322 / BID-36261)
vuldb·2026-05-01·CVSS 4.6
CVE-2010-0935 [MEDIUM] Perforce Server up to 2009.2 access control (SBV-26322 / BID-36261)
A vulnerability marked as critical has been reported in Perforce Server. The affected element is an unknown function. The manipulation leads to improper access controls.
This vulnerability is documented as CVE-2010-0935. The attack can be initiated remotely. There is not any exploit available.
GHSA
GHSA-4x2v-66mc-66vr: Perforce Server 2009
ghsa_unreviewed·2022-05-02
CVE-2010-0935 [MEDIUM] GHSA-4x2v-66mc-66vr: Perforce Server 2009
Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command.
No detection rules found.
No writeups or analysis indexed.
http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.htmlhttp://www.perforce.com/perforce/doc.current/manuals/cmdref/protect.htmlhttp://www.securityfocus.com/bid/36261http://lists.immunitysec.com/pipermail/dailydave/2010-March/006063.htmlhttp://www.perforce.com/perforce/doc.current/manuals/cmdref/protect.htmlhttp://www.securityfocus.com/bid/36261
2010-03-05
Published