[email protected]CVE-2010-3405

HistorySep 16, 2010 - 9:00 p.m.

CVE-2010-3405

2010-09-1621:00:00

CWE-119

[email protected]

web.nvd.nist.gov

ibm

aix

buffer overflow

cve-2010-3405

security vulnerability

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.9%

JSON

Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1, 1.5, and earlier allows local users to leverage system group membership and gain privileges via unspecified vectors.

CPENameOperatorVersion
ibm:aixibm aixeq5.3
ibm:aixibm aixeq6.1
ibm:viosibm vioseq2.1
ibm:viosibm vioseq1.5

CPE	Name	Operator	Version
ibm:aix	ibm aix	eq	5.3
ibm:aix	ibm aix	eq	6.1
ibm:vios	ibm vios	eq	2.1
ibm:vios	ibm vios	eq	1.5

References

aix.software.ibm.com/aix/efixes/security/sa_snap_advisory.asc

secunia.com/advisories/41446

securitytracker.com/id?1024430

www.ibm.com/support/docview.wss?uid=isg1IZ81819

www.ibm.com/support/docview.wss?uid=isg1IZ82245

www.ibm.com/support/docview.wss?uid=isg1IZ82630

www.ibm.com/support/docview.wss?uid=isg1IZ83909

www.ibm.com/support/docview.wss?uid=isg1IZ83942

www.ibm.com/support/docview.wss?uid=isg1IZ83975

www.ibm.com/support/docview.wss?uid=isg1IZ84167

www.securityfocus.com/bid/43207

www.vupen.com/english/advisories/2010/2377

exchange.xforce.ibmcloud.com/vulnerabilities/61774

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12214

6.5 Medium

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

9.9%

JSON

Related for CVE-2010-3405

cvelist1 prion1 nessus7