Vulnerabilities > Mono > Mono > 2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-07-12 | CVE-2012-3382 | Cross-Site Scripting vulnerability in Mono Cross-site scripting (XSS) vulnerability in the ProcessRequest function in mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs in Mono 2.10.8 and earlier allows remote attackers to inject arbitrary web script or HTML via a file with a crafted name and a forbidden extension, which is not properly handled in an error message. | 4.3 |
| 2010-11-17 | CVE-2010-4159 | Local Privilege Escalation vulnerability in Mono 'loader.c' Library Loading Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory. local mono | 6.9 |
| 2010-05-27 | CVE-2010-1459 | Cross-Site Scripting vulnerability in Mono The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated by the __VIEWSTATE parameter to 2.0/menu/menu1.aspx in the XSP sample project. | 4.3 |
| 2006-10-10 | CVE-2006-5072 | Unspecified vulnerability in Mono 1.0/2.0 The System.CodeDom.Compiler classes in Novell Mono create temporary files with insecure permissions, which allows local users to overwrite arbitrary files or execute arbitrary code via a symlink attack. | 6.2 |