CVE-2010-2090

EPSS 1.34%
Veröffentlicht 27.05.2010 19:30:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and Communications Server for AIX (aka CSAIX or CS/AIX) in sna.rte before 6.3.1.2 allows remote attackers to cause a denial of service (daemon crash) via APPC data containing a GDSID variable with a GDS length that is too small.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Communications Server Version6.1.3

Microsoft ≫ Windows

Ibm ≫ Communications Server Version6.3.1.0

Microsoft ≫ Windows

Ibm ≫ Communications Server Version6.1.3

Ibm ≫ Aix

Ibm ≫ Communications Server Version6.3.1.0

Ibm ≫ Aix

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.34%	0.782

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/39909

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ68810

http://www-01.ibm.com/support/docview.wss?uid=swg1JR36026

http://www-01.ibm.com/support/docview.wss?uid=swg24013012

http://www.securityfocus.com/bid/40372

http://www.vupen.com/english/advisories/2010/1244

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/58874

https://nvd.nist.gov/vuln/detail/CVE-2010-2090

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2090

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2090

EUVD