CVE-2011-2632
published 2011-07-01CVE-2011-2632: Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application…
PriorityP419medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.20%
80.3th percentile
Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl.
Affected
76 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opera | opera_browser | <= 11.10 | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-fjgc-43jr-cg35: Opera before 11
ghsa_unreviewed·2022-05-17
CVE-2011-2632 [MEDIUM] CWE-20 GHSA-fjgc-43jr-cg35: Opera before 11
Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl.
Red Hat
vsftpd: remote DoS via crafted glob pattern
vendor_redhat·2011-03-01·CVSS 7.8
CVE-2011-0762 [HIGH] vsftpd: remote DoS via crafted glob pattern
vsftpd: remote DoS via crafted glob pattern
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
No detection rules found.
Nuclei
vsftpd < 2.3.3 - DoS
nuclei·CVSS 7.8
CVE-2011-0762 [HIGH] vsftpd < 2.3.3 - DoS
vsftpd < 2.3.3 - DoS
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
Template:
id: CVE-2011-0762
info:
name: vsftpd < 2.3.3 - DoS
author: pussycat0x
severity: medium
description: |
The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632.
impact: |
Authenticated attackers can send crafted glob expressions
No writeups or analysis indexed.
2011-07-01
Published