Stack-based Buffer Overflow in IBM Tivoli Monitoring on Linux and UNIX
CVE-2016-2946

7.8HIGH

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 December 2016

Summary

A stack-based buffer overflow vulnerability exists in the ax Shared Libraries within the Agent of IBM Tivoli Monitoring on Linux and UNIX systems. This issue affects specific versions of the software, allowing local users to exploit the vulnerability through unspecified vectors. Successful exploitation may lead to privilege escalation, enabling attackers to execute arbitrary code or gain unauthorized access to sensitive system resources. Users are encouraged to update to the latest versions to mitigate the risk.

References

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.