CVE-2010-0138

Currently unrated

Key Information:

Vendor: Cisco
Status: Ciscoworks Internetwork Performance Monitor
Vendor: CVE Published:; 21 January 2010

Summary

Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350.

References

http://www.vupen.com/english/advisories/2010/0184

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/38230

third-party-advisoryx_refsource_SECUNIA

http://securitytracker.com/id?1023484

vdb-entryx_refsource_SECTRACK

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 21, 2010
Vulnerability Reserved
Jan 4, 2010