CVE-2012-0010
published 2012-02-14CVE-2012-0010: Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a…
PriorityP420medium4.3CVSS 2.0
AVNACMAuNCPINAN
EPSS
14.10%
96.1th percentile
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
| microsoft | internet_explorer | — | — |
CVSS provenance
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_redhat9.1CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-x3jg-rhc2-qpv5: Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read conte
ghsa_unreviewed·2022-05-04
CVE-2012-0010 [MEDIUM] CWE-200 GHSA-x3jg-rhc2-qpv5: Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read conte
Microsoft Internet Explorer 6 through 9 does not properly perform copy-and-paste operations, which allows user-assisted remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Copy and Paste Information Disclosure Vulnerability."
VMware
VMware vMA addresses a security issue
vendor_vmware·2012-05-25·CVSS 7.2
CVE-2012-2752 [HIGH] VMware vMA addresses a security issue
VMSA-2012-0010: VMware vMA addresses a security issue
a. VMware Library file loading Privilege Escalation A flaw in the way library files are loaded could allow for privilege escalation. VMware would like to thank Thorsten Tüllmann for reporting this issue to us. The Common Vulnerabilities and Exposures project ( cve.mitre.org) has assigned the name CVE-2012-2752 to this issue. Column 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. VMware Product Product Version Running on Replace with / Apply Patch VMware Product vMA Product Version any Running on any Replace with / Apply Patch vMA 5.0 Patch 2 (5.0.0.2)* * Customers who are running vMA 4.0 and vMA 4.1 would need to update to vMA 5.0 Patch 2 (5.0.0.2) to remedi
Red Hat
kernel: keys: NULL pointer deref in the user-defined key type
vendor_redhat·2011-11-15·CVSS 2.1
CVE-2011-4110 [LOW] CWE-476 kernel: keys: NULL pointer deref in the user-defined key type
kernel: keys: NULL pointer deref in the user-defined key type
The user_update function in security/keys/user_defined.c in the Linux kernel 2.6 allows local users to cause a denial of service (NULL pointer dereference and kernel oops) via vectors related to a user-defined key and "updating a negative key into a fully instantiated key."
Statement: This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,
5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1479.html, https://rhn.redhat.com/errata/RHSA-2011-1530.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://ac
Red Hat
kernel: jbd/jbd2: invalid value of first log block leads to oops
vendor_redhat·2011-11-01·CVSS 2.1
CVE-2011-4132 [LOW] kernel: jbd/jbd2: invalid value of first log block leads to oops
kernel: jbd/jbd2: invalid value of first log block leads to oops
The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."
Statement: This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,
5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html, https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat
Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle,
https://access.redhat.c
Red Hat
kernel: crypto: ghash: null pointer deref if no key is set
vendor_redhat·2011-10-20·CVSS 5.5
CVE-2011-4081 [MEDIUM] CWE-476 kernel: crypto: ghash: null pointer deref if no key is set
kernel: crypto: ghash: null pointer deref if no key is set
crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.
Statement: This issue did not affect the Linux kernels as shipped with Red Hat Enterprise Linux 4, and 5 as they did not include support for the GHASH message digest algorithm. This has been addressed in Red Hat Enterprise Linux 6, and MRG via https://rhn.redhat.com/errata/RHSA-2012-0350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Red Hat
kernel: cifs: signedness issue in CIFSFindNext()
vendor_redhat·2011-08-23·CVSS 8.8
CVE-2011-3191 [HIGH] kernel: cifs: signedness issue in CIFSFindNext()
kernel: cifs: signedness issue in CIFSFindNext()
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.
Statement: This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, ht
Red Hat
kernel: net: improve sequence number generation
vendor_redhat·2011-08-07·CVSS 9.1
CVE-2011-3188 [CRITICAL] kernel: net: improve sequence number generation
kernel: net: improve sequence number generation
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
Statement: This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4, 5, 6, and Red Hat Enterprise MRG. It has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in
Red Hat
kernel: gro: only reset frag0 when skb can be pulled
vendor_redhat·2011-07-27·CVSS 5.7
CVE-2011-2723 [MEDIUM] kernel: gro: only reset frag0 when skb can be pulled
kernel: gro: only reset frag0 when skb can be pulled
The skb_gro_header_slow function in include/linux/netdevice.h in the Linux kernel before 2.6.39.4, when Generic Receive Offload (GRO) is enabled, resets certain fields in incorrect situations, which allows remote attackers to cause a denial of service (system crash) via crafted network traffic.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not backport the upstream commit a5b1cf28 that introduced this issue. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1386.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kern
Red Hat
kernel: taskstats io infoleak
vendor_redhat·2011-06-21·CVSS 2.1
CVE-2011-2494 [LOW] kernel: taskstats io infoleak
kernel: taskstats io infoleak
kernel/taskstats.c in the Linux kernel before 3.1 allows local users to obtain sensitive I/O statistics by sending taskstats commands to a netlink socket, as demonstrated by discovering the length of another user's password.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 as it did not provide support for the Taskstats interface. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1479.html, https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Red Hat
kernel: af_packet: infoleak
vendor_redhat·2011-06-07·CVSS 5.5
CVE-2011-2898 [MEDIUM] kernel: af_packet: infoleak
kernel: af_packet: infoleak
net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit 393e52e3 that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Package: kernel (Red Hat Enterprise Linux
Red Hat
kernel: proc: fix oops on invalid /proc/<pid>/maps access
vendor_redhat·2011-03-28·CVSS 5.5
CVE-2011-3637 [MEDIUM] kernel: proc: fix oops on invalid /proc/<pid>/maps access
kernel: proc: fix oops on invalid /proc//maps access
The m_stop function in fs/proc/task_mmu.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (OOPS) via vectors that trigger an m_start error.
Statement: This issue did not affect the version of the Linux kernel as shipped with Red Hat Enterprise Linux 4, and 6 as it did not backport the upstream commit ec6fd8a4 that introduced this issue. This has been addressed in Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2012-0007.html and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Package: kernel (Red Hat Enterprise Linux 6) - Affected
Red Hat
kernel: b43: allocate receive buffers big enough for max frame len + offset
vendor_redhat·2011-03-27·CVSS 7.5
CVE-2011-3359 [HIGH] kernel: b43: allocate receive buffers big enough for max frame len + offset
kernel: b43: allocate receive buffers big enough for max frame len + offset
The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.
Statement: This issue did not affect the versions of the Linux kernel as shipped with Red
Hat Enterprise Linux 4 and 5 as they did not provide support for Broadcom 43xx wireless devices. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Package: kernel (Red Hat Enterprise Linux 5) - Not affe
Red Hat
kernel: wrong headroom check in udp6_ufo_fragment()
vendor_redhat·2011-03-03·CVSS 7.1
CVE-2011-4326 [HIGH] CWE-119 kernel: wrong headroom check in udp6_ufo_fragment()
kernel: wrong headroom check in udp6_ufo_fragment()
The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat
Enterprise Linux 4 and 5 as they did not provide support for UDP Fragmentation Offload (UFO) functionality. This has been addressed in Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1465.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
Package: kernel (Red Hat Enterprise Linux 4) - Not affected
Package: ke
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-43409 kernel: kprobes: avoid crash when rmmod/insmod after ftrace killed
bugzilla·2026-05-08
CVE-2026-43409 [MEDIUM] CVE-2026-43409 kernel: kprobes: avoid crash when rmmod/insmod after ftrace killed
CVE-2026-43409 kernel: kprobes: avoid crash when rmmod/insmod after ftrace killed
In the Linux kernel, the following vulnerability has been resolved:
kprobes: avoid crash when rmmod/insmod after ftrace killed
After we hit ftrace is killed by some errors, the kernel crash if
we remove modules in which kprobe probes.
BUG: unable to handle page fault for address: fffffbfff805000d
PGD 817fcc067 P4D 817fcc067 PUD 817fc8067 PMD 101555067 PTE 0
Oops: Oops: 0000 [#1] SMP KASAN PTI
CPU: 4 UID: 0 PID: 2012 Comm: rmmod Tainted: G W OE
Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE
RIP: 0010:kprobes_module_callback+0x89/0x790
RSP: 0018:ffff88812e157d30 EFLAGS: 00010a02
RAX: 1ffffffff805000d RBX: dffffc0000000000 RCX: ffffffff86a8de90
RDX: ffffed1025c2af9b RSI: 0000000000000008 RDI: fffffff
Bugzilla
CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
bugzilla·2011-11-04·CVSS 2.1
CVE-2011-4110 [LOW] CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
CVE-2011-4110 kernel: keys: NULL pointer deref in the user-defined key type
A flaw was found in the way Linux kernel handled user-defined key types. An unprivileged local user could use this flaw to crash the system.
Reference:
https://lkml.org/lkml/2011/11/15/363
Discussion:
Created attachment 531725
CVE-2011-4110 proposed patch
---
Statement:
This issue affects the Linux kernel as shipped with Red Hat Enterprise Linux 4,
5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1479.html, https://rhn.redhat.com/errata/RHSA-2011-1530.html, and https://rhn.redhat.com/errata/RHSA-2012-0010.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https:
Bugzilla
CVE-2011-2898 kernel: af_packet: infoleak
bugzilla·2011-08-04·CVSS 5.5
CVE-2011-2898 [MEDIUM] CVE-2011-2898 kernel: af_packet: infoleak
CVE-2011-2898 kernel: af_packet: infoleak
In 2.6.27, commit 393e52e33c6c2 (packet: deliver VLAN TCI to userspace) added a small information leak.
Add padding field and make sure its zeroed before copy to user.
Upstream commit:
http://git.kernel.org/linus/13fcb7bd322164c67926ffe272846d4860196dc6
introduced by commit 393e52e33c6c2 (v2.6.27-rc1)
Discussion:
Statement:
This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport the upstream commit 393e52e3 that introduced this flaw. This has been addressed in Red Hat Enterprise Linux 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-1350.html and https://rhn.redhat.com/errata/RHSA-2012-0010.html.
---
This issue has been addressed in following
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14835https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-010https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14835
2012-02-14
Published