Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2010-3848

EPSS 0.15% · P35
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2010-3848

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel econet_sendmsg函数栈缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。NFSv4 implementation是其中的一个分布式文件系统协议。 当econet地址已配置,Linux kernel 2.6.36.2之前版本中的net/econet/af_econet.c文件中的econet_sendmsg函数中存在基于栈的缓冲区溢出漏洞。本地用户可以通过提供大量iovec结构体获取特权。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2010-3848

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2010-3848

Please Login to view more intelligence information

Same Patch Batch · n/a · 2010-12-30 · 38 CVEs total

CVE-2010-4161Red Hat Enterprise Linux net/ipv4/udp.c文件资源管理错误漏洞
CVE-2010-4637Finalcut feedlist/handler_image.php文件跨站脚本攻击漏洞
CVE-2010-4638JQuarks函数SQL注入漏洞
CVE-2010-4639Intendance MySource Matrix index.php文件SQL注入漏洞
CVE-2010-4640XWiki Watch 多个跨站脚本攻击漏洞
CVE-2010-4641XWiki Enterprise SQL注入漏洞
CVE-2010-4642XWiki跨站脚本攻击漏洞
CVE-2010-3849Linux kernel econet_sendmsg函数资源管理错误漏洞
CVE-2010-3850Linux kernel ec_dev_ioctl函数权限许可和访问控制问题漏洞
CVE-2010-4158Linux kernel sk_run_filter函数信息泄露漏洞
CVE-2010-4636Site2Nite Business e-Listings detail.asp文件SQL注入漏洞
CVE-2010-4258Linux kernel kernel/exit.c文件权限许可和访问控制问题漏洞
CVE-2010-4276LiveZilla "livezilla"跨站脚本攻击漏洞
CVE-2010-4321Novell iPrint Client ienipp.ocx ActiveX控件栈缓冲区溢出漏洞
CVE-2010-4342Linux kernel aun_incoming函数资源管理错误漏洞
CVE-2010-4352D-BUS 资源管理错误漏洞
CVE-2010-4507Clear iSpot和ClearSpot多个跨站请求伪造漏洞
CVE-2010-4622IBM Tivoli Access Manager路径遍历漏洞
CVE-2010-4623IBM Tivoli Access Manager WebSEAL资源管理错误漏洞
CVE-2010-4627MyBB usercp2.php文件跨站请求伪造漏洞

Showing top 20 of 38 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2010-3848

No comments yet

Leave a comment