Lucene search

[email protected]CVE-2010-3040

HistoryNov 09, 2010 - 9:00 p.m.

CVE-2010-3040

2010-11-0921:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-3040

buffer overflow

agent.exe

cisco

icm

remote code execution

security vulnerability

nvd

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.124 Low

EPSS

Percentile

95.4%

JSON

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164.

CPENameOperatorVersion
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr2
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr5
cisco:intelligent_contact_managercisco intelligent contact managereq6.0\(0\)_sr5
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr4
cisco:intelligent_contact_managercisco intelligent contact managereq6.0\(0\)_sr9
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr12
cisco:intelligent_contact_managercisco intelligent contact managereq6.0\(0\)a
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)_sr7
cisco:intelligent_contact_managercisco intelligent contact managereq6.0\(0\)_sr4
cisco:intelligent_contact_managercisco intelligent contact managereq5.0\(0\)a

CPE	Name	Operator	Version
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr2
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr5
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	6.0\(0\)_sr5
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr4
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	6.0\(0\)_sr9
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr12
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	6.0\(0\)a
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)_sr7
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	6.0\(0\)_sr4
cisco:intelligent_contact_manager	cisco intelligent contact manager	eq	5.0\(0\)a

Rows per page:

1-10 of 271

References

secunia.com/advisories/42146

securitytracker.com/id?1024693

tools.cisco.com/security/center/viewAlert.x?alertId=21726

www.securityfocus.com/bid/44699

www.vupen.com/english/advisories/2010/2914

www.zerodayinitiative.com/advisories/ZDI-10-232/

www.zerodayinitiative.com/advisories/ZDI-10-233/

www.zerodayinitiative.com/advisories/ZDI-10-234/

www.zerodayinitiative.com/advisories/ZDI-10-235/

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.124 Low

EPSS

Percentile

95.4%

JSON

Related for CVE-2010-3040

securityvulns5 zdi4 prion1 seebug1