CyberSec.Space Logo
Back to CVE Browser

CVE-2010-0138

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0840%
EPSS Percentile13.03th
PublishedJan 21, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.

Affected Platforms (CPE)

πŸ“¦
Cisco

Ciscoworks Internetwork Performance Monitor

<= 2.6
πŸ“¦
Cisco

Ciscoworks Internetwork Performance Monitor

= 2.4
πŸ“¦
Cisco

Ciscoworks Internetwork Performance Monitor

= 2.5

References & Advisories

πŸ”— http://secunia.com/advisories/38230
πŸ”— http://securitytracker.com/id?1023484
πŸ”— http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1351d.shtml
πŸ”— http://www.securityfocus.com/bid/37879
πŸ”— http://www.vupen.com/english/advisories/2010/0184
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-10-004/
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/55768
πŸ”— http://secunia.com/advisories/38230

Related Vulnerabilities

CVE-2008-115710.0

Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a rando...

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...