- Description
- Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.6
- Impact score
- 10
- Exploitability score
- 4.9
- Vector string
- AV:N/AC:H/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_netcool_application_service_monitors:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8E15B98-3D2D-4365-B929-71411BF11A4D"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_netcool_system_service_monitors:4.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D96588E-AAC0-4735-A773-162C65183645"
}
],
"operator": "OR"
}
]
}
]