CVE-2009-3699
Published Oct 15, 2009
Last updated 7 years ago
Overview
- Description
- Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:vios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A99FBC6A-75A0-433F-BD5A-ECBFDF1D9BF8",
"versionEndIncluding": "2.1.0"
},
{
"criteria": "cpe:2.3:a:ibm:vios:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2AB87CE-4A33-4C35-8A5B-FC2696712550"
},
{
"criteria": "cpe:2.3:a:ibm:vios:1.5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "732619AA-7504-4B02-9878-D23D2CD4AEE1"
},
{
"criteria": "cpe:2.3:a:ibm:vios:1.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A10D42BF-B7FB-4977-B4C2-3FC6B87BBCEA"
},
{
"criteria": "cpe:2.3:a:ibm:vios:1.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "07D7B5D5-9C6C-4EFD-8433-6A134B824EC1"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D084700A-713E-48C9-8ED9-A55024552B78"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCB23261-D5A9-4C49-B08E-97A63ED6F84A"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54254625-FC83-4617-8161-CA1FB3092753"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43E38D56-80BA-460C-A296-ED7F506E4364"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "17EECCCB-D7D1-439A-9985-8FAE8B44487B"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8A7DBFF-B11B-47EC-9E52-C12B156739D5"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2.0.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B380F93D-5B13-49D0-B130-D45C2849A135"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2.0.54:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11C8004D-639C-47BC-BE3E-CF5F06C1679C"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBD01F19-4B30-4147-AC48-7F5C64EE80CD"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "104E5C14-6D87-494B-8D60-0443ADDCD31A"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA8DDF4A-1C5D-4CB1-95B3-69EAE6572507"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3:sp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BBBA4A5-D191-41D0-886C-C428F4F6252C"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A6DE57C2-E728-4016-9774-28FB4B0509AB"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE79D7E9-DF50-42FD-A255-FF2A29131946"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57B11497-5622-4759-906A-A93A3E815584"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F9CD013-D904-45DF-AD43-493A22D5744B"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "307B47F5-D903-4763-A353-2538AFD6C9CD"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A16950BB-11BC-4A40-BB3B-841807BB2546"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3_l:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "435340B0-AD02-4174-BC7F-6A7C222A7F6D"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5.3_ml03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AEF9658-0479-43E5-99A2-620ED3E018E4"
},
{
"criteria": "cpe:2.3:o:ibm:aix:5l:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCFE1A11-6750-4275-B5F7-CFFCD5308D0D"
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD518B94-9CD7-4C45-8766-578CF427B4CF"
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF417123-CCB6-48AF-A21B-1974173D516B"
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "362CFB2F-817A-4E55-A315-86B6243E3F74"
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53544921-1C1A-4382-99D7-0F3011BA76DB"
},
{
"criteria": "cpe:2.3:o:ibm:aix:6.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15FF1838-81E0-4AFE-8DEE-505CC7692CE9"
}
],
"operator": "OR"
}
]
}
]