CVE-2013-0509

Published Jun 5, 2013

Last updated 7 years ago

Overview

Description: Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder.
Source: psirt@us.ibm.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.6
Impact score: 10
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_netcool_application_service_monitors:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8E15B98-3D2D-4365-B929-71411BF11A4D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_netcool_system_service_monitors:4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D96588E-AAC0-4735-A773-162C65183645"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References