10
CVE-2010-0138
- EPSS 10.86%
- Veröffentlicht 21.01.2010 22:30:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
LoginBuffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Ciscoworks Internetwork Performance Monitor Version <= 2.6
Cisco ≫ Ciscoworks Internetwork Performance Monitor Version2.4
Cisco ≫ Ciscoworks Internetwork Performance Monitor Version2.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.86% | 0.929 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.