{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2010-4254","title":"Title"},{"category":"description","text":"Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2010-4254","url":"https://www.suse.com/security/cve/CVE-2010-4254"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 655847 for CVE-2010-4254","url":"https://bugzilla.suse.com/655847"},{"category":"external","summary":"SUSE Bug 674656 for CVE-2010-4254","url":"https://bugzilla.suse.com/674656"},{"category":"external","summary":"Advisory link for SUSE-SR:2010:024","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG/#QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG"},{"category":"external","summary":"Advisory link for SUSE-SR:2011:001","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4/#J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4"}],"title":"SUSE CVE CVE-2010-4254","tracking":{"current_release_date":"2025-03-16T14:29:17Z","generator":{"date":"2023-02-15T05:55:58Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2010-4254","initial_release_date":"2023-02-15T05:55:58Z","revision_history":[{"date":"2023-02-15T05:55:58Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:08:07Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:32:02Z","number":"4","summary":"Current version"},{"date":"2024-10-11T06:18:00Z","number":"5","summary":"Current version"},{"date":"2025-03-16T14:29:17Z","number":"6","summary":"Current version"}],"status":"interim","version":"6"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Desktop 11","product":{"name":"SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sled:11"}}},{"category":"product_version","name":"moonlight","product":{"name":"moonlight","product_id":"moonlight","product_identification_helper":{"cpe":"cpe:2.3:a:novell:moonlight:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/moonlight@"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"moonlight as component of SUSE Linux Enterprise Desktop 11","product_id":"SUSE Linux Enterprise Desktop 11:moonlight"},"product_reference":"moonlight","relates_to_product_reference":"SUSE Linux Enterprise Desktop 11"}]},"vulnerabilities":[{"cve":"CVE-2010-4254","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2010-4254"}],"notes":[{"category":"general","text":"Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Desktop 11:moonlight"]},"references":[{"category":"external","summary":"CVE-2010-4254","url":"https://www.suse.com/security/cve/CVE-2010-4254"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 655847 for CVE-2010-4254","url":"https://bugzilla.suse.com/655847"},{"category":"external","summary":"SUSE Bug 674656 for CVE-2010-4254","url":"https://bugzilla.suse.com/674656"},{"category":"external","summary":"Advisory link for SUSE-SR:2010:024","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG/#QQHP7MDAGKGRMVUG64TKDHFDLMRIRJQG"},{"category":"external","summary":"Advisory link for SUSE-SR:2011:001","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4/#J22KO5BAOHOQ2VYVPIVFLFEMSSXDBXK4"}],"threats":[{"category":"impact","date":"2013-06-28T05:41:20Z","details":"important"}],"title":"CVE-2010-4254"}]}