CVE-2009-2026

Published Aug 10, 2009

Last updated 6 years ago

CVSS info 10.0

Overview

Description: Stack-based buffer overflow in a token searching function in the dtscore library in Data Transport Services in CA Software Delivery r11.2 C1, C2, C3, and SP4; Unicenter Software Delivery 4.0 C3; CA Advantage Data Transport 3.0 C1; and CA IT Client Manager r12 allows remote attackers to execute arbitrary code via crafted data.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ca:advantage_data_transport:3.0:c1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E6409A3-4F03-4CED-9A2E-2DE7B5EE624E"
          },
          {
            "criteria": "cpe:2.3:a:ca:it_client_manager:r12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C31688D4-1C99-4764-A913-564E0FEB1E9D"
          },
          {
            "criteria": "cpe:2.3:a:ca:software_delivery:r11:c1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E14834E-9E56-4036-B89C-E6F0E6775E34"
          },
          {
            "criteria": "cpe:2.3:a:ca:software_delivery:r11:c2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F59A43E7-02A9-4656-A4C4-FE01DCE5E615"
          },
          {
            "criteria": "cpe:2.3:a:ca:software_delivery:r11:c3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3DE142E-A7C8-4280-9677-AE167FA3ACF8"
          },
          {
            "criteria": "cpe:2.3:a:ca:software_delivery:r11:sp4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FD0F14E-A31D-4A2C-A464-A7DAC1CB2180"
          },
          {
            "criteria": "cpe:2.3:a:ca:unicenter_software_delivery:4.0:c3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D546AF2C-34D9-4C7A-A2F1-F766D1CAA3E2"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References