CVE-2010-3040

Currently unrated

Key Information:

Vendor: Cisco
Status: Intelligent Contact Manager
Vendor: CVE Published:; 9 November 2010

Summary

Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-233/

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-10-234/

x_refsource_MISC

http://securitytracker.com/id?1024693

vdb-entryx_refsource_SECTRACK

EPSS Score

54% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 9, 2010