Vulnerability CVE-2010-4254

Vulnerability Name:

CVE-2010-4254 (CCN-63472)

Assigned:

2010-11-16

Published:

2010-11-16

Updated:

2011-02-02

Summary:

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2010-4254

Source: SUSE
Type: UNKNOWN
SUSE-SR:2010:024

Source: SUSE
Type: UNKNOWN
SUSE-SR:2011:001

Source: CCN
Type: SA42373
Moonlight Generic Constraints Bypass Vulnerability

Source: SECUNIA
Type: Vendor Advisory
42373

Source: SECUNIA
Type: UNKNOWN
42877

Source: EXPLOIT-DB
Type: UNKNOWN
15974

Source: CCN
Type: Mono Web site
Moonight

Source: CONFIRM
Type: UNKNOWN
http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability

Source: CCN
Type: OSVDB ID: 69619
Mono on Moonlight Unspecified Generic Constraints Bypass

Source: BID
Type: UNKNOWN
45051

Source: CCN
Type: BID-45051
Mono/Moonlight Generic Type Argument Local Privilege Escalation Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2011-0076

Source: CCN
Type: Novell Bugzilla Bug 654136
t

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=654136

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.novell.com/show_bug.cgi?id=655847

Source: XF
Type: UNKNOWN
moonlight-generic-type-security-bypass(63472)

Source: CCN
Type: Mono GIT Repository
Mono

Source: CONFIRM
Type: Patch
https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399

Source: CONFIRM
Type: Patch
https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358

Source: CONFIRM
Type: Patch
https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [01-11-2011]

Source: SUSE
Type: SUSE-SR:2010:024
SUSE Security Summary Report

Source: SUSE
Type: SUSE-SR:2011:001
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:mono:mono:*:*:*:*:*:*:*:*

AND

cpe:/a:novell:moonlight:*:*:*:*:*:*:*:* (Version <= 2.3.0)

OR cpe:/a:novell:moonlight:2.99.0:*:*:*:*:*:*:*

OR cpe:/a:novell:moonlight:2.99.1:*:*:*:*:*:*:*

OR cpe:/a:novell:moonlight:2.99.2:*:*:*:*:*:*:*

OR cpe:/a:novell:moonlight:2.99.7:*:*:*:*:*:*:*

OR cpe:/a:novell:moonlight:2.99.9:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:novell:moonlight:2.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20104254	V	CVE-2010-4254	2015-11-16
oval:com.ubuntu.precise:def:20104254000	V	CVE-2010-4254 on Ubuntu 12.04 LTS (precise) - negligible.	2010-12-06

BACK