Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2010-1039

Summary
Assigner-hp
Assigner Org ID-74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At-20 May, 2010 | 17:00
Updated At-07 Aug, 2024 | 01:06
Rejected At-
Credits

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:hp
Assigner Org ID:74586083-13ce-40fd-b46a-8e5d23cfbcb2
Published At:20 May, 2010 | 17:00
Updated At:07 Aug, 2024 | 01:06
Rejected At:
▼CVE Numbering Authority (CNA)

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/64729
vdb-entry
x_refsource_OSVDB
http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
vendor-advisory
x_refsource_AIXAPAR
http://secunia.com/advisories/39911
third-party-advisory
x_refsource_SECUNIA
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
vdb-entry
signature
x_refsource_OVAL
http://www.securityfocus.com/bid/40248
vdb-entry
x_refsource_BID
http://www.securitytracker.com/id?1023994
vdb-entry
x_refsource_SECTRACK
http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
vendor-advisory
x_refsource_AIXAPAR
http://www.vupen.com/english/advisories/2010/1213
vdb-entry
x_refsource_VUPEN
http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
vendor-advisory
x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
vendor-advisory
x_refsource_AIXAPAR
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
x_refsource_MISC
http://www.securityfocus.com/archive/1/511405/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://marc.info/?l=bugtraq&m=127428077629933&w=2
vendor-advisory
x_refsource_HP
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
vdb-entry
signature
x_refsource_OVAL
http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
vendor-advisory
x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
vendor-advisory
x_refsource_AIXAPAR
http://marc.info/?l=bugtraq&m=127428077629933&w=2
vendor-advisory
x_refsource_HP
http://www.vupen.com/english/advisories/2010/1199
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/39835
third-party-advisory
x_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
vdb-entry
x_refsource_XF
http://securitytracker.com/id?1024016
vdb-entry
x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2010/1212
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2010/1211
vdb-entry
x_refsource_VUPEN
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
x_refsource_CONFIRM
http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
vendor-advisory
x_refsource_AIXAPAR
http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://osvdb.org/64729
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://secunia.com/advisories/39911
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.securityfocus.com/bid/40248
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.securitytracker.com/id?1023994
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.vupen.com/english/advisories/2010/1213
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
Resource:
x_refsource_MISC
Hyperlink: http://www.securityfocus.com/archive/1/511405/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.vupen.com/english/advisories/2010/1199
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/39835
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://securitytracker.com/id?1024016
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.vupen.com/english/advisories/2010/1212
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2010/1211
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
Resource:
vendor-advisory
x_refsource_AIXAPAR
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
Resource:
vendor-advisory
x_refsource_AIXAPAR
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/64729
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://secunia.com/advisories/39911
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.securityfocus.com/bid/40248
vdb-entry
x_refsource_BID
x_transferred
http://www.securitytracker.com/id?1023994
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.vupen.com/english/advisories/2010/1213
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
x_refsource_MISC
x_transferred
http://www.securityfocus.com/archive/1/511405/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://marc.info/?l=bugtraq&m=127428077629933&w=2
vendor-advisory
x_refsource_HP
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://marc.info/?l=bugtraq&m=127428077629933&w=2
vendor-advisory
x_refsource_HP
x_transferred
http://www.vupen.com/english/advisories/2010/1199
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/39835
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
vdb-entry
x_refsource_XF
x_transferred
http://securitytracker.com/id?1024016
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.vupen.com/english/advisories/2010/1212
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2010/1211
vdb-entry
x_refsource_VUPEN
x_transferred
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
x_refsource_CONFIRM
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
vendor-advisory
x_refsource_AIXAPAR
x_transferred
http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://osvdb.org/64729
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://secunia.com/advisories/39911
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.securityfocus.com/bid/40248
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.securitytracker.com/id?1023994
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1213
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/511405/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1199
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/39835
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://securitytracker.com/id?1024016
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1212
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2010/1211
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
Resource:
vendor-advisory
x_refsource_AIXAPAR
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:hp-security-alert@hp.com
Published At:20 May, 2010 | 17:30
Updated At:11 Apr, 2025 | 00:51

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
HP Inc.
hp
>>nfs\/oncplus>>Versions up to b.11.31_09(inclusive)
cpe:2.3:a:hp:nfs\/oncplus:*:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>b.11.11
cpe:2.3:o:hp:hp-ux:b.11.11:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>b.11.23
cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*
HP Inc.
hp
>>hp-ux>>b.11.31
cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>Versions up to 5.3(inclusive)
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>1.2.1
cpe:2.3:o:ibm:aix:1.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>1.3
cpe:2.3:o:ibm:aix:1.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>2.2.1
cpe:2.3:o:ibm:aix:2.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.1
cpe:2.3:o:ibm:aix:3.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.2
cpe:2.3:o:ibm:aix:3.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.2.0
cpe:2.3:o:ibm:aix:3.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.2.4
cpe:2.3:o:ibm:aix:3.2.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>3.2.5
cpe:2.3:o:ibm:aix:3.2.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4
cpe:2.3:o:ibm:aix:4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.0
cpe:2.3:o:ibm:aix:4.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1
cpe:2.3:o:ibm:aix:4.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1.1
cpe:2.3:o:ibm:aix:4.1.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1.2
cpe:2.3:o:ibm:aix:4.1.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1.3
cpe:2.3:o:ibm:aix:4.1.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1.4
cpe:2.3:o:ibm:aix:4.1.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.1.5
cpe:2.3:o:ibm:aix:4.1.5:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.2
cpe:2.3:o:ibm:aix:4.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.2.0
cpe:2.3:o:ibm:aix:4.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.2.1
cpe:2.3:o:ibm:aix:4.2.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.2.1.12
cpe:2.3:o:ibm:aix:4.2.1.12:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3
cpe:2.3:o:ibm:aix:4.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.0
cpe:2.3:o:ibm:aix:4.3.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.1
cpe:2.3:o:ibm:aix:4.3.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.2
cpe:2.3:o:ibm:aix:4.3.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>4.3.3
cpe:2.3:o:ibm:aix:4.3.3:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.1
cpe:2.3:o:ibm:aix:5.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.1.0.10
cpe:2.3:o:ibm:aix:5.1.0.10:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.1l
cpe:2.3:o:ibm:aix:5.1l:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2
cpe:2.3:o:ibm:aix:5.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2.0
cpe:2.3:o:ibm:aix:5.2.0:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2.0.50
cpe:2.3:o:ibm:aix:5.2.0.50:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2.0.54
cpe:2.3:o:ibm:aix:5.2.0.54:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2.2
cpe:2.3:o:ibm:aix:5.2.2:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>5.2_l
cpe:2.3:o:ibm:aix:5.2_l:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>6.1
cpe:2.3:o:ibm:aix:6.1:*:*:*:*:*:*:*
IBM Corporation
ibm
>>aix>>430
cpe:2.3:o:ibm:aix:430:*:*:*:*:*:*:*
IBM Corporation
ibm
>>vios>>Versions up to 1.5(inclusive)
cpe:2.3:a:ibm:vios:*:*:*:*:*:*:*:*
IBM Corporation
ibm
>>vios>>1.4
cpe:2.3:a:ibm:vios:1.4:*:*:*:*:*:*:*
IBM Corporation
ibm
>>vios>>2.1
cpe:2.3:a:ibm:vios:2.1:*:*:*:*:*:*:*
Silicon Graphics, Inc.
sgi
>>irix>>6.5
cpe:2.3:o:sgi:irix:6.5:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-134Primarynvd@nist.gov
CWE ID: CWE-134
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.aschp-security-alert@hp.com
N/A
http://marc.info/?l=bugtraq&m=127428077629933&w=2hp-security-alert@hp.com
Vendor Advisory
http://marc.info/?l=bugtraq&m=127428077629933&w=2hp-security-alert@hp.com
Vendor Advisory
http://osvdb.org/64729hp-security-alert@hp.com
N/A
http://secunia.com/advisories/39835hp-security-alert@hp.com
Vendor Advisory
http://secunia.com/advisories/39911hp-security-alert@hp.com
N/A
http://securitytracker.com/id?1024016hp-security-alert@hp.com
N/A
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.htmlhp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73590hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73599hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73681hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73757hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73874hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75369hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75440hp-security-alert@hp.com
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75465hp-security-alert@hp.com
N/A
http://www.securityfocus.com/archive/1/511405/100/0/threadedhp-security-alert@hp.com
N/A
http://www.securityfocus.com/bid/40248hp-security-alert@hp.com
Patch
http://www.securitytracker.com/id?1023994hp-security-alert@hp.com
N/A
http://www.vupen.com/english/advisories/2010/1199hp-security-alert@hp.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1211hp-security-alert@hp.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1212hp-security-alert@hp.com
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1213hp-security-alert@hp.com
Vendor Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088hp-security-alert@hp.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/58718hp-security-alert@hp.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986hp-security-alert@hp.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103hp-security-alert@hp.com
N/A
http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://marc.info/?l=bugtraq&m=127428077629933&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://marc.info/?l=bugtraq&m=127428077629933&w=2af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://osvdb.org/64729af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/39835af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/39911af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1024016af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73590af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73599af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73681af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73757af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ73874af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75369af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75440af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ibm.com/support/docview.wss?uid=isg1IZ75465af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/511405/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/40248af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securitytracker.com/id?1023994af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2010/1199af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1211af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1212af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2010/1213af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/58718af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://osvdb.org/64729
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/39835
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/39911
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024016
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/511405/100/0/threaded
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40248
Source: hp-security-alert@hp.com
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1023994
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1199
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1211
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1212
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1213
Source: hp-security-alert@hp.com
Resource:
Vendor Advisory
Hyperlink: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
Source: hp-security-alert@hp.com
Resource: N/A
Hyperlink: http://aix.software.ibm.com/aix/efixes/security/pcnfsd_advisory.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://marc.info/?l=bugtraq&m=127428077629933&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://osvdb.org/64729
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/39835
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/39911
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1024016
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.checkpoint.com/defense/advisories/public/2010/cpai-13-May.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73590
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73599
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73681
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73757
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ73874
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75369
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75440
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ibm.com/support/docview.wss?uid=isg1IZ75465
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/511405/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/40248
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.securitytracker.com/id?1023994
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2010/1199
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1211
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1212
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2010/1213
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18&ID=5088
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/58718
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11986
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12103
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

715Records found
CVE-2010-1550
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-13.91% / 94.06%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2011-0270
Matching Score-10
Assigner-HP Inc.
ShareView Details
Matching Score-10
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-46.02% / 97.55%
||
7 Day CHG~0.00%
Published-13 Jan, 2011 | 18:35
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2016-4448
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-9.8||CRITICAL
EPSS-2.70% / 85.29%
||
7 Day CHG+0.10%
Published-09 Jun, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in libxml2 before 2.9.4 allows attackers to have unspecified impact via format string specifiers in unknown vectors.

Action-Not Available
Vendor-n/aOracle CorporationMcAfee, LLCTenable, Inc.SlackwareHP Inc.Microsoft CorporationApple Inc.Red Hat, Inc.libxml2 (XMLSoft)
Product-enterprise_linuxenterprise_linux_servermac_os_xwatchositunesenterprise_linux_server_eusvm_serverlinuxtvosenterprise_linux_server_auslibxml2icewall_federation_agententerprise_linux_desktopweb_gatewayenterprise_linux_server_tusenterprise_linux_workstationslackware_linuxlog_correlation_enginewindowsiphone_osicloudn/a
CWE ID-CWE-134
Use of Externally-Controlled Format String
CVE-2016-2006
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-40.63% / 97.27%
||
7 Day CHG~0.00%
Published-21 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protectorn/a
CVE-2002-0746
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.56% / 67.41%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in template.dhcpo in AIX 4.3.3 related to an insecure linker argument.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2002-0745
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in uucp in AIX 4.3.3.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2011-0914
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-11.11% / 93.19%
||
7 Day CHG~0.00%
Published-08 Feb, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in ndiiop.exe in the DIIOP implementation in the server in IBM Lotus Domino before 8.5.3 allows remote attackers to execute arbitrary code via a GIOP client request, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CVE-2002-0744
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2002-0742
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.61% / 68.73%
||
7 Day CHG~0.00%
Published-26 Jul, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in pioout on AIX 4.3.3.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2010-2703
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-82.23% / 99.17%
||
7 Day CHG~0.00%
Published-27 Jul, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.

Action-Not Available
Vendor-n/aHP Inc.Microsoft Corporation
Product-windowsopenview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2681
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_web_accessn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2001-0671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.64% / 89.99%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.

Action-Not Available
Vendor-n/aIBM Corporation
Product-aixn/a
CVE-2001-1264
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.34% / 79.16%
||
7 Day CHG~0.00%
Published-03 May, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allows attackers to elevate privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxvvosn/a
CVE-2011-3162
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1296.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2001-0552
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.35% / 86.79%
||
7 Day CHG~0.00%
Published-29 Aug, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.

Action-Not Available
Vendor-n/aIBM CorporationHP Inc.
Product-openview_network_node_managertivoli_netviewn/a
CVE-2011-2680
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 has unknown impact and remote attack vectors related to the "server error response."

Action-Not Available
Vendor-n/aIBM Corporation
Product-rational_doors_web_accessn/a
CVE-2001-0797
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-88.62% / 99.48%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Action-Not Available
Vendor-scon/aIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)HP Inc.
Product-hp-uxaixsolarisopenserveririxsunosn/a
CVE-2011-3135
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.52% / 65.66%
||
7 Day CHG~0.00%
Published-12 Aug, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-tivoli_federated_identity_manager_business_gatewaytivoli_federated_identity_managern/a
CVE-2001-0981
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.39% / 59.46%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HP CIFS/9000 Server (SAMBA) A.01.07 and earlier with the "unix password sync" option enabled calls the passwd program without specifying the username of the user making the request, which could cause the server to change the password of a different user.

Action-Not Available
Vendor-n/aHP Inc.
Product-cifs-9000_servern/a
CVE-2016-1999
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.23% / 86.57%
||
7 Day CHG~0.00%
Published-30 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library.

Action-Not Available
Vendor-n/aHP Inc.
Product-release_controln/a
CWE ID-CWE-284
Improper Access Control
CVE-2011-3156
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1222.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2010-2704
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-40.69% / 97.27%
||
7 Day CHG~0.00%
Published-27 Jul, 2010 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2001-0799
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-2.23% / 83.86%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2001-1162
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-30.17% / 96.51%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.

Action-Not Available
Vendor-n/aSambaHP Inc.
Product-sambacifs-9000_servern/a
CVE-2001-0800
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-78.03% / 98.97%
||
7 Day CHG~0.00%
Published-22 Nov, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2000-0677
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-7.65% / 91.51%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.

Action-Not Available
Vendor-n/aIBM Corporation
Product-net.datan/a
CVE-2000-1221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-12.18% / 93.57%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Silicon Graphics, Inc.
Product-linuxdebian_linuxirixn/a
CVE-2010-1551
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-18.25% / 94.95%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-3157
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.96% / 97.54%
||
7 Day CHG~0.00%
Published-19 Oct, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1225.

Action-Not Available
Vendor-n/aHP Inc.
Product-data_protector_for_personal_computersdata_protector_notebook_extensionn/a
CVE-2000-1220
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.Red Hat, Inc.
Product-linuxirixn/a
CVE-2000-0848
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-8.47% / 91.98%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.

Action-Not Available
Vendor-n/aIBM Corporation
Product-websphere_application_servern/a
CVE-2011-1730
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-43.82% / 97.44%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_SCRIPT message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0699
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-4.45% / 88.62%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2011-1559
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.51% / 65.21%
||
7 Day CHG~0.00%
Published-05 Apr, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the IBM Web Interface for Content Management (aka WEBi) 1.0.4 before FP3 has unknown impact and attack vectors.

Action-Not Available
Vendor-n/aIBM Corporation
Product-webin/a
CVE-2000-0844
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.89% / 74.60%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.

Action-Not Available
Vendor-trustixconectivaimmunixturbolinuxn/aMandriva (Mandrakesoft)SlackwareDebian GNU/LinuxRed Hat, Inc.SUSEIBM CorporationSilicon Graphics, Inc.Sun Microsystems (Oracle Corporation)The MITRE Corporation (Caldera)
Product-openlinux_eserversecure_linuxaixsolaristurbolinuxirixopenlinux_ebuilderimmunixdebian_linuxsunossuse_linuxlinuxslackware_linuxopenlinuxmandrake_linuxn/a
CVE-2000-0733
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-5.61% / 89.96%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2000-0798
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.17% / 77.75%
||
7 Day CHG~0.00%
Published-21 Sep, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.

Action-Not Available
Vendor-n/aSilicon Graphics, Inc.
Product-irixn/a
CVE-2001-0247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-35.17% / 96.91%
||
7 Day CHG~0.00%
Published-24 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3.

Action-Not Available
Vendor-n/aNetBSDMIT (Massachusetts Institute of Technology)Silicon Graphics, Inc.OpenBSDFreeBSD Foundation
Product-netbsdopenbsdirixfreebsdkerberos_5n/a
CVE-2011-1505
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.33% / 79.15%
||
7 Day CHG~0.00%
Published-22 Mar, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in IBM Lotus Quickr 8.1 before 8.1.0.27 services for Lotus Domino has unknown impact and attack vectors, aka SPR ESEO8DQME2.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_quickrlotus_dominon/a
CVE-2011-1867
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-45.84% / 97.54%
||
7 Day CHG~0.00%
Published-11 Jul, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet.

Action-Not Available
Vendor-n/aHP Inc.
Product-user_access_managerendpoint_admission_defenseintelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1853
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-15.65% / 94.44%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a (1) large or (2) invalid opcode field, related to a function pointer table.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-1519
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-14.00% / 94.07%
||
7 Day CHG~0.00%
Published-25 Mar, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The remote console in the Server Controller in IBM Lotus Domino 7.x and 8.x verifies credentials against a file located at a UNC share pathname specified by the client, which allows remote attackers to bypass authentication, and consequently execute arbitrary code, by placing this pathname in the COOKIEFILE field. NOTE: this might overlap CVE-2011-0920.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_dominon/a
CWE ID-CWE-287
Improper Authentication
CVE-2000-0515
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.47% / 80.13%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2003-1496
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.26% / 49.65%
||
7 Day CHG~0.00%
Published-25 Oct, 2007 | 19:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840.

Action-Not Available
Vendor-n/aHP Inc.
Product-tru64n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0558
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-1.41% / 79.67%
||
7 Day CHG~0.00%
Published-13 Oct, 2000 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_network_node_managern/a
CVE-2011-1851
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-29.84% / 96.47%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long mode field.

Action-Not Available
Vendor-n/aHP Inc.
Product-intelligent_management_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1731
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-10||HIGH
EPSS-38.90% / 97.16%
||
7 Day CHG~0.00%
Published-07 May, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_INTEGUTIL message.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protectorn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2000-0573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-91.38% / 99.65%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-1999-1573
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-10||HIGH
EPSS-0.92% / 74.98%
||
7 Day CHG~0.00%
Published-21 Apr, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unknown vulnerabilities in the "r-cmnds" (1) remshd, (2) rexecd, (3) rlogind, (4) rlogin, (5) remsh, (6) rcp, (7) rexec, and (8) rdist for HP-UX 10.00 through 11.00 allow attackers to gain privileges or access files.

Action-Not Available
Vendor-n/aHP Inc.
Product-hp-uxn/a
CVE-2022-24292
Matching Score-8
Assigner-HP Inc.
ShareView Details
Matching Score-8
Assigner-HP Inc.
CVSS Score-9.8||CRITICAL
EPSS-8.53% / 92.01%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 04:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.

Action-Not Available
Vendor-n/aHP Inc.
Product-officejet_pro_8210_j3p67a_firmwareofficejet_pro_8740_k7s42a_firmwarelaserjet_pro_m453-m454_w1y46a_firmwarelaserjet_pro_mfp_m478-m479_w1a80alaserjet_pro_m304-m305_w1a47alaserjet_pro_m453-m454_w1y45a_firmwarelaserjet_pro_m304-m305_w1a48a_firmwareofficejet_pro_8740_t0g65aofficejet_pro_8210_j3p65aofficejet_pro_8210_d9l63a_firmwarelaserjet_pro_m453-m454_w1y44aofficejet_pro_8740_k7s40aofficejet_pro_8740_j6x83a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a29a_firmwarepagewide_managed_p55250dw_j6u55alaserjet_pro_m304-m305_w1a46aofficejet_pro_8740_k7s43alaserjet_pro_m453-m454_w1y43a_firmwarepagewide_352dw_j6u57a_firmwarelaserjet_pro_m453-m454_w1y47a_firmwarepagewide_pro_477dn_d3q19alaserjet_pro_m304-m305_w1a46a_firmwarelaserjet_pro_m304-m305_w1a66a_firmwarelaserjet_pro_m404-m405_w1a57alaserjet_pro_m404-m405_w1a59alaserjet_pro_m453-m454_w1y41a_firmwarelaserjet_pro_mfp_m478-m479_w1a78a_firmwarelaserjet_pro_m404-m405_w1a56alaserjet_pro_m404-m405_w1a52alaserjet_pro_mfp_m478-m479_w1a82alaserjet_pro_mfp_m428-m429_w1a31apagewide_pro_452dw_d3q16a_firmwarelaserjet_pro_mfp_m478-m479_w1a77a_firmwarepagewide_pro_452dw_d3q16apagewide_pro_452dn_d3q15apagewide_managed_p57750dw_j9v82aofficejet_pro_8740_k7s41aofficejet_pro_8210_d9l63alaserjet_pro_m304-m305_w1a53a_firmwarepagewide_pro_552dw_d3q17a_firmwarelaserjet_pro_mfp_m478-m479_w1a79alaserjet_pro_mfp_m428-m429_w1a31a_firmwareofficejet_pro_8210_j3p68a_firmwareofficejet_pro_8216_t0g70a_firmwarelaserjet_pro_m304-m305_w1a51a_firmwarelaserjet_pro_m304-m305_w1a59a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38alaserjet_pro_m304-m305_w1a48alaserjet_pro_mfp_m428-m429_f_w1a32a_firmwareofficejet_pro_8216_t0g70alaserjet_pro_m453-m454_w1y47alaserjet_pro_m304-m305_w1a56a_firmwarepagewide_pro_577z_k9z76a_firmwarepagewide_managed_p55250dw_j6u55b_firmwareofficejet_pro_8730_k7s32a_firmwareofficejet_pro_8740_j6x83apagewide_pro_577dw_d3q21alaserjet_pro_mfp_m478-m479_w1a80a_firmwarelaserjet_pro_m304-m305_w1a52a_firmwarepagewide_pro_452dn_d3q15a_firmwareofficejet_pro_8210_d9l64alaserjet_pro_m453-m454_w1y46alaserjet_pro_mfp_m428-m429_f_w1a32alaserjet_pro_mfp_m478-m479_w1a81a_firmwarelaserjet_pro_m453-m454_w1y44a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34a_firmwareofficejet_pro_8740_k7s41a_firmwareofficejet_pro_8210_d9l64a_firmwarepagewide_377dw_j9v80a_firmwarelaserjet_pro_m304-m305_w1a57a_firmwareofficejet_pro_8740_d9l21alaserjet_pro_m304-m305_w1a58a_firmwarelaserjet_pro_mfp_m478-m479_w1a75apagewide_managed_p55250dw_j6u55bofficejet_pro_8740_k7s39alaserjet_pro_mfp_m428-m429_f_w1a30alaserjet_pro_m304-m305_w1a66alaserjet_pro_m453-m454_w1y40alaserjet_pro_mfp_m478-m479_w1a77apagewide_managed_p55250dw_j6u55a_firmwarepagewide_pro_477dw_d3q20aofficejet_pro_8210_j3p66alaserjet_pro_m404-m405_w1a60alaserjet_pro_mfp_m428-m429_f_w1a35alaserjet_pro_mfp_m478-m479_w1a76a_firmwarepagewide_pro_577z_k9z76apagewide_managed_p55250dw_j6u51bpagewide_377dw_j9v80alaserjet_pro_mfp_m478-m479_w1a78alaserjet_pro_m304-m305_w1a63a_firmwarelaserjet_pro_m304-m305_w1a60a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a38a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a34aofficejet_pro_8740_t0g65a_firmwarepagewide_pro_477dw_d3q20a_firmwarelaserjet_pro_m453-m454_w1y40a_firmwareofficejet_pro_8740_k7s39a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a35a_firmwarelaserjet_pro_mfp_m428-m429_f_w1a30a_firmwarepagewide_managed_p55250dw_j6u51b_firmwareofficejet_pro_8730_d9l20a_firmwarelaserjet_pro_mfp_m428-m429_w1a33a_firmwarelaserjet_pro_m404-m405_93m22alaserjet_pro_mfp_m478-m479_w1a76alaserjet_pro_mfp_m478-m479_w1a82a_firmwareofficejet_pro_8210_j3p68alaserjet_pro_mfp_m478-m479_w1a81alaserjet_pro_m404-m405_w1a51alaserjet_pro_mfp_m428-m429_w1a33aofficejet_pro_8210_j3p66a_firmwarelaserjet_pro_m404-m405_w1a53alaserjet_pro_m453-m454_w1y43alaserjet_pro_mfp_m478-m479_w1a79a_firmwarelaserjet_pro_m404-m405_w1a58alaserjet_pro_mfp_m428-m429_w1a28a_firmwareofficejet_pro_8210_j3p67alaserjet_pro_mfp_m428-m429_w1a28aofficejet_pro_8740_k7s42apagewide_pro_552dw_d3q17aofficejet_pro_8210_j3p65a_firmwareofficejet_pro_8740_k7s43a_firmwarelaserjet_pro_m453-m454_w1y41alaserjet_pro_m453-m454_w1y45alaserjet_pro_m304-m305_w1a47a_firmwareofficejet_pro_8730_d9l20aofficejet_pro_8740_d9l21a_firmwareofficejet_pro_8740_k7s40a_firmwareofficejet_pro_8730_k7s32apagewide_managed_p57750dw_j9v82a_firmwarelaserjet_pro_m404-m405_93m22a_firmwarelaserjet_pro_m404-m405_w1a63alaserjet_pro_mfp_m428-m429_f_w1a29alaserjet_pro_mfp_m478-m479_w1a75a_firmwarepagewide_352dw_j6u57apagewide_pro_477dn_d3q19a_firmwarepagewide_pro_577dw_d3q21a_firmwareHP LaserJet Pro Printers; HP Pagewide Pro Printers; HP Officejet Printers
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 14
  • 15
  • Next
Details not found