Lucene search

[email protected]NVD:CVE-2010-1039

HistoryMay 20, 2010 - 5:30 p.m.

CVE-2010-1039

2010-05-2017:30:01

CWE-134

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.227 Low

EPSS

Percentile

96.5%

JSON

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Affected configurations

NVD

Node

hpnfs\/oncplusRange≤b.11.31_09

AND

hphp-uxMatchb.11.11

hphp-uxMatchb.11.23

hphp-uxMatchb.11.31

Node

ibmaixRange≤5.3

ibmaixMatch1.2.1

ibmaixMatch1.3

ibmaixMatch2.2.1

ibmaixMatch3.1

ibmaixMatch3.2

ibmaixMatch3.2.0

ibmaixMatch3.2.4

ibmaixMatch3.2.5

ibmaixMatch4

ibmaixMatch4.0

ibmaixMatch4.1

ibmaixMatch4.1.1

ibmaixMatch4.1.2

ibmaixMatch4.1.3

ibmaixMatch4.1.4

ibmaixMatch4.1.5

ibmaixMatch4.2

ibmaixMatch4.2.0

ibmaixMatch4.2.1

ibmaixMatch4.2.1.12

ibmaixMatch4.3

ibmaixMatch4.3.0

ibmaixMatch4.3.1

ibmaixMatch4.3.2

ibmaixMatch4.3.3

ibmaixMatch5.1

ibmaixMatch5.1.0.10

ibmaixMatch5.1l

ibmaixMatch5.2

ibmaixMatch5.2.0

ibmaixMatch5.2.0.50

ibmaixMatch5.2.0.54

ibmaixMatch5.2.2

ibmaixMatch5.2_l

ibmaixMatch6.1

ibmaixMatch430

Node

ibmviosRange≤1.5

ibmviosMatch1.4

ibmviosMatch2.1

Node

sgiirixMatch6.5

References

aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc

marc.info/?l=bugtraq&m=127428077629933&w=2

osvdb.org/64729

secunia.com/advisories/39835

secunia.com/advisories/39911

securitytracker.com/id?1024016

www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html

www.ibm.com/support/docview.wss?uid=isg1IZ73590

www.ibm.com/support/docview.wss?uid=isg1IZ73599

www.ibm.com/support/docview.wss?uid=isg1IZ73681

www.ibm.com/support/docview.wss?uid=isg1IZ73757

www.ibm.com/support/docview.wss?uid=isg1IZ73874

www.ibm.com/support/docview.wss?uid=isg1IZ75369

www.ibm.com/support/docview.wss?uid=isg1IZ75440

www.ibm.com/support/docview.wss?uid=isg1IZ75465

www.securityfocus.com/archive/1/511405/100/0/threaded

www.securityfocus.com/bid/40248

www.securitytracker.com/id?1023994

www.vupen.com/english/advisories/2010/1199

www.vupen.com/english/advisories/2010/1211

www.vupen.com/english/advisories/2010/1212

www.vupen.com/english/advisories/2010/1213

www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088

exchange.xforce.ibmcloud.com/vulnerabilities/58718

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.227 Low

EPSS

Percentile

96.5%

JSON

Related for NVD:CVE-2010-1039

nessus18 openvas2 cve1 securityvulns4 checkpoint_advisories1 cvelist1 prion1