Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-u57j-v5mv-vkfd
Vulnerability ID VCID-u57j-v5mv-vkfd
Aliases CVE-2010-2809
Summary This GLSA contains notification of vulnerabilities found in several Gentoo packages which have been fixed prior to January 1, 2011. The worst of these vulnerabilities could lead to local privilege escalation and remote code execution. Please see the package list and CVE identifiers below for more information.
Status Published
Exploitability 2.0
Weighted Severity 6.1
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
epss 0.05768 https://api.first.org/data/v1/epss?cve=CVE-2010-2809
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2010-2809
Reference id Reference type URL
http://github.com/Dieterbe/uzbl/commit/9cc39cb5c9396be013b5dc2ba7e4b3eaa647e975
http://github.com/pawelz/uzbl/commit/342f292c27973c9df5f631a38bd12f14a9c5cdc2
http://marc.info/?l=oss-security&m=128111493509265&w=2
http://marc.info/?l=oss-security&m=128111994317381&w=2
https://api.first.org/data/v1/epss?cve=CVE-2010-2809
https://bugzilla.redhat.com/show_bug.cgi?id=621964
https://bugzilla.redhat.com/show_bug.cgi?id=621965
https://exchange.xforce.ibmcloud.com/vulnerabilities/61011
http://www.securityfocus.com/bid/42297
http://www.uzbl.org/bugs/index.php?do=details&task_id=240
http://www.uzbl.org/news.php?id=29
cpe:2.3:a:uzbl:uzbl:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uzbl:uzbl:*:*:*:*:*:*:*:*
cpe:2.3:a:uzbl:uzbl:2009.12.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uzbl:uzbl:2009.12.22:*:*:*:*:*:*:*
cpe:2.3:a:uzbl:uzbl:2010.01.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uzbl:uzbl:2010.01.04:*:*:*:*:*:*:*
CVE-2010-2809 https://nvd.nist.gov/vuln/detail/CVE-2010-2809
CVE-2010-2809;OSVDB-67308 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/34426.txt
CVE-2010-2809;OSVDB-67308 Exploit https://www.securityfocus.com/bid/42297/info
GLSA-201412-08 https://security.gentoo.org/glsa/201412-08
Data source Exploit-DB
Date added Aug. 5, 2010
Description uzbl 'uzbl-core' - '@SELECTED_URI' Mouse Button Bindings Command Injection
Ransomware campaign use Known
Source publication date Aug. 5, 2010
Exploit type remote
Platform linux
Source update date Aug. 27, 2014
Source URL https://www.securityfocus.com/bid/42297/info
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2010-2809
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.90434
EPSS Score 0.05768
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:11:28.270718+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201412-08 38.0.0