QwikSec

Security Database

CVE

CWE

Training

CVE-2010-4254

Published: Dec 3, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SR:2011:001

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

http://www.mono-project.com/Vulnerabilities#Moonlight_Generic_Constraints_Bypass_Vulnerability

x_refsource_CONFIRM

exploit

x_refsource_EXPLOIT-DB

https://bugzilla.novell.com/show_bug.cgi?id=655847

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

https://github.com/mono/mono/commit/4905ef1130feb26c3150b28b97e4a96752e0d399

x_refsource_CONFIRM

https://github.com/mono/mono/commit/cf1ec146f7c6acdc6697032b3aaafc68ffacdcac

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

SUSE-SR:2010:024

vendor-advisory

x_refsource_SUSE

https://github.com/mono/mono/commit/65292a69c837b8a5f7a392d34db63de592153358

x_refsource_CONFIRM

https://bugzilla.novell.com/show_bug.cgi?id=654136

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.