Lucene search

PRIOn knowledge basePRION:CVE-2010-0138

HistoryJan 21, 2010 - 10:30 p.m.

Buffer overflow

2010-01-2122:30:00

PRIOn knowledge base

www.prio-n.com

8.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.393 Low

EPSS

Percentile

97.1%

JSON

Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a “third-party component,” aka Bug ID CSCsv62350.

CPENameOperatorVersion
ciscoworks_internetwork_performance_monitorle2.6
ciscoworks_internetwork_performance_monitoreq2.4
ciscoworks_internetwork_performance_monitoreq2.5

Name	Operator	Version
ciscoworks_internetwork_performance_monitor	le	2.6
ciscoworks_internetwork_performance_monitor	eq	2.4
ciscoworks_internetwork_performance_monitor	eq	2.5

References

secunia.com/advisories/38230

securitytracker.com/id?1023484

www.cisco.com/en/US/products/products_security_advisory09186a0080b1351d.shtml

www.securityfocus.com/bid/37879

www.vupen.com/english/advisories/2010/0184

www.zerodayinitiative.com/advisories/ZDI-10-004/

exchange.xforce.ibmcloud.com/vulnerabilities/55768

8.4 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.393 Low

EPSS

Percentile

97.1%

JSON

Related for PRION:CVE-2010-0138