CVE-2010-0138
Last modified
CVE-2010-0138 is a vulnerability of currently unknown severity. Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.. EPSS estimates a 8.48% chance of exploitation in the next 30 days.
Description
Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Ciscoworks Internetwork Performance Monitor | <= 2.6 |
| Cisco | Ciscoworks Internetwork Performance Monitor | 2.4 |
| Cisco | Ciscoworks Internetwork Performance Monitor | 2.5 |
References
- http://secunia.com/advisories/38230Vendor Advisory
- http://www.vupen.com/english/advisories/2010/0184Vendor Advisory
- http://secunia.com/advisories/38230Vendor Advisory
- http://www.vupen.com/english/advisories/2010/0184Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-0138?
How severe is CVE-2010-0138?
How do I fix CVE-2010-0138?
Are you affected by CVE-2010-0138?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST