Vulnerability CVE-2013-0509


Published: 2013-06-04   Modified: 2013-06-05

Description:
Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder.

CVSS2 => (AV:N/AC:H/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.6/10
10/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
IBM -> Tivoli netcool system service monitors 
IBM -> Tivoli netcool application service monitors 

 References:
http://xforce.iss.net/xforce/xfdb/82334
http://www-01.ibm.com/support/docview.wss?uid=swg21638183

Copyright 2024, cxsecurity.com

 

Back to Top