返回 CVE 瀏覽器

CVE-2010-0138

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0840%

EPSS Percentile13.03th

Published2010年1月21日

Last Modified2026年4月29日

Vulnerability Description

Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.

Affected Platforms (CPE)

📦

Cisco

Ciscoworks Internetwork Performance Monitor

<= 2.6

📦

Cisco

Ciscoworks Internetwork Performance Monitor

= 2.4

📦

Cisco

Ciscoworks Internetwork Performance Monitor

= 2.5

References & Advisories

🔗 http://secunia.com/advisories/38230

🔗 http://securitytracker.com/id?1023484

🔗 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1351d.shtml

🔗 http://www.securityfocus.com/bid/37879

🔗 http://www.vupen.com/english/advisories/2010/0184

🔗 http://www.zerodayinitiative.com/advisories/ZDI-10-004/

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/55768

🔗 http://secunia.com/advisories/38230

相關漏洞威脅

CVE-2008-115710.0

Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a rando...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...