CVE-2010-4254 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2010-4254 Interim 1 9 2024-10-15T02:37:34Z current 2021-05-30T12:54:49Z 2024-10-15T02:37:34Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2010-4254 Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG/#QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG E-Mail link for SUSE-SR:2010:024 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4/#J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4 E-Mail link for SUSE-SR:2011:001 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Desktop 11 moonlight moonlight as a component of SUSE Linux Enterprise Desktop 11 Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. CVE-2010-4254 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P