CVE-2010-3960
published 2010-12-16CVE-2010-3960: Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated…
PriorityP424medium4.9CVSS 2.0
AVLACLAuNCNINAC
EXPLOIT
EPSS
1.77%
75.3th percentile
Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBus Vulnerability."
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft HyperV - Persistent Denial of Service (MS11-047)
exploitdb·2011-06-14·CVSS 4.7
CVE-2011-1872 [MEDIUM] Microsoft HyperV - Persistent Denial of Service (MS11-047)
Microsoft HyperV - Persistent Denial of Service (MS11-047)
---
Core Security Technologies - Corelabs Advisory
http://corelabs.coresecurity.com/
MS HyperV Persistent DoS Vulnerability
1. *Advisory Information*
Title: MS HyperV Persistent DoS Vulnerability
Advisory ID: CORE-2011-0203
Advisory URL:
http://www.coresecurity.com/content/hyperv-vmbus-persistent-dos-vulnerability
Date published: 2011-06-14
Date of last update: 2011-06-14
Vendors contacted: Microsoft
Release mode: Coordinated release
2. *Vulnerability Information*
Class: Input validation error [CWE-20]
Impact: Denial of service
Remotely Exploitable: No
Locally Exploitable: Yes
CVE Name: CVE-2011-1872
3. *Vulnerability Description*
A security vulnerability was found in the driver 'vmswitch.sys',
associated to the Windows
Exploit-DB
Adobe (Multiple Products) - XML External Entity / XML Injection
exploitdb·2010-02-22·CVSS 6.5
CVE-2009-3960 [MEDIUM] Adobe (Multiple Products) - XML External Entity / XML Injection
Adobe (Multiple Products) - XML External Entity / XML Injection
---
( , ) (,
. `.' ) ('. ',
). , ('. ( ) (
(_,) .`), ) _ _,
/ _____/ / _ \ ____ ____ _____
\____ \==/ /_\ \ _/ ___\/ _ \ / \
/ \/ | \\ \__( ) Y Y \
/______ /\___|__ / \___ >____/|__|_| /
\/ \/.-. \/ \/:wq
(x.0)
'=.|w|.='
_='`"``=.
presents..
Multiple Adobe Products
XML External Entity And XML Injection Vulnerabilities
CVE: CVE-2009-3960
Adobe PSIRT: APSB10-05 - http://www.adobe.com/support/security/bulletins/apsb10-05.html
Link: http://www.security-assessment.com/files/advisories/2010-02-22_Multiple_Adobe_Products-XML_External_Entity_and_XML_Injection.pdf
+-----------+
|Description|
+-----------+
Security-Assessment.com discovered that multiple Adobe
products with different Data Services versions are
vulnerable to XML E
No writeups or analysis indexed.
http://osvdb.org/69818http://secunia.com/advisories/42617http://www.securityfocus.com/bid/45293http://www.securitytracker.com/id?1024884http://www.us-cert.gov/cas/techalerts/TA10-348A.htmlhttp://www.vupen.com/english/advisories/2010/3224https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-102https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12359http://osvdb.org/69818http://secunia.com/advisories/42617http://www.securityfocus.com/bid/45293http://www.securitytracker.com/id?1024884http://www.us-cert.gov/cas/techalerts/TA10-348A.htmlhttp://www.vupen.com/english/advisories/2010/3224https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-102https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12359
2010-12-16
Published