{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41674?format=json","vulnerability_id":"VCID-1ecs-v7qx-wqeg","summary":"Multiple vulnerabilities were found in Mono, the worst of which\n    allowing for the remote execution of arbitrary code.","aliases":[{"alias":"CVE-2010-3332"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/75748?format=json","purl":"pkg:ebuild/dev-lang/mono@2.8.1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/mono@2.8.1-r1"},{"url":"http://public2.vulnerablecode.io/api/packages/75749?format=json","purl":"pkg:ebuild/dev-lang/mono@2.10.2-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/mono@2.10.2-r1"},{"url":"http://public2.vulnerablecode.io/api/packages/75747?format=json","purl":"pkg:ebuild/dev-util/mono-debugger@2.8.1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-util/mono-debugger@2.8.1-r1"}],"affected_packages":[],"references":[{"reference_url":"http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx","reference_id":"","reference_type":"","scores":[],"url":"http://blogs.technet.com/b/srd/archive/2010/09/17/understanding-the-asp-net-vulnerability.aspx"},{"reference_url":"http://isc.sans.edu/diary.html?storyid=9568","reference_id":"","reference_type":"","scores":[],"url":"http://isc.sans.edu/diary.html?storyid=9568"},{"reference_url":"http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-can-i-do/","reference_id":"","reference_type":"","scores":[],"url":"http://pentonizer.com/general-programming/aspnet-poet-vulnerability-what-else-can-i-do/"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3332","reference_id":"","reference_type":"","scores":[{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99294","published_at":"2026-05-07T12:55:00Z"},{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99286","published_at":"2026-04-21T12:55:00Z"},{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99287","published_at":"2026-04-18T12:55:00Z"},{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99288","published_at":"2026-04-29T12:55:00Z"},{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99289","published_at":"2026-04-26T12:55:00Z"},{"value":"0.83598","scoring_system":"epss","scoring_elements":"0.99292","published_at":"2026-05-05T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.99376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.99371","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.99372","published_at":"2026-04-04T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.99374","published_at":"2026-04-07T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.99375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.85692","scoring_system":"epss","scoring_elements":"0.9937","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3332"},{"reference_url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070","reference_id":"","reference_type":"","scores":[],"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-070"},{"reference_url":"http://secunia.com/advisories/41409","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/41409"},{"reference_url":"http://securitytracker.com/id?1024459","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1024459"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61898","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/61898"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12365","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12365"},{"reference_url":"http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310","reference_id":"","reference_type":"","scores":[],"url":"http://threatpost.com/en_us/blogs/new-crypto-attack-affects-millions-aspnet-apps-091310"},{"reference_url":"http://twitter.com/thaidn/statuses/24832350146","reference_id":"","reference_type":"","scores":[],"url":"http://twitter.com/thaidn/statuses/24832350146"},{"reference_url":"http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx","reference_id":"","reference_type":"","scores":[],"url":"http://weblogs.asp.net/scottgu/archive/2010/09/18/important-asp-net-security-vulnerability.aspx"},{"reference_url":"http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Vulnerability-in-ASP-NET.aspx","reference_id":"","reference_type":"","scores":[],"url":"http://www.dotnetnuke.com/Community/Blogs/tabid/825/EntryId/2799/Oracle-Padding-Vulnerability-in-ASP-NET.aspx"},{"reference_url":"http://www.ekoparty.org/juliano-rizzo-2010.php","reference_id":"","reference_type":"","scores":[],"url":"http://www.ekoparty.org/juliano-rizzo-2010.php"},{"reference_url":"http://www.microsoft.com/technet/security/advisory/2416728.mspx","reference_id":"","reference_type":"","scores":[],"url":"http://www.microsoft.com/technet/security/advisory/2416728.mspx"},{"reference_url":"http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_Oracle","reference_id":"","reference_type":"","scores":[],"url":"http://www.mono-project.com/Vulnerabilities#ASP.NET_Padding_Oracle"},{"reference_url":"http://www.securityfocus.com/bid/43316","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/43316"},{"reference_url":"http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security","reference_id":"","reference_type":"","scores":[],"url":"http://www.theinquirer.net/inquirer/news/1732956/security-researchers-destroy-microsoft-aspnet-security"},{"reference_url":"http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.troyhunt.com/2010/09/fear-uncertainty-and-and-padding-oracle.html"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2429","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2429"},{"reference_url":"http://www.vupen.com/english/advisories/2010/2751","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/2751"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:internet_information_services:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:1.1:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:2.0:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:3.5:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:microsoft:.net_framework:4.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3332","reference_id":"CVE-2010-3332","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3332"},{"reference_url":"http://blog.mindedsecurity.com/2010/10/breaking-net-encryption-with-or-without.html","reference_id":"CVE-2010-3332;OSVDB-68127;MS10-070","reference_type":"exploit","scores":[],"url":"http://blog.mindedsecurity.com/2010/10/breaking-net-encryption-with-or-without.html"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15213.pl","reference_id":"CVE-2010-3332;OSVDB-68127;MS10-070","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15213.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15265.rb","reference_id":"CVE-2010-3332;OSVDB-68127;MS10-070","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/asp/remote/15265.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15292.rb","reference_id":"CVE-2010-3332;OSVDB-68127;MS10-070","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/15292.rb"},{"reference_url":"https://security.gentoo.org/glsa/201206-13","reference_id":"GLSA-201206-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-13"}],"weaknesses":[{"cwe_id":209,"name":"Generation of Error Message Containing Sensitive Information","description":"The product generates an error message that includes sensitive information about its environment, users, or associated data."}],"exploits":[{"date_added":"2010-10-20","description":"Microsoft ASP.NET - Auto-Decryptor File Download (MS10-070)","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2010-10-20","exploit_type":"remote","platform":"windows","source_date_updated":"2010-10-20","data_source":"Exploit-DB","source_url":""}],"severity_range_score":"6.4 - 6.4","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ecs-v7qx-wqeg"}