exploitDog

CVE-2010-1124

Опубликовано: 26 мар. 2010

Источник: nvd

CVSS2: 7.8

EPSS Низкий

Описание

bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."

Ссылки

http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
Vendor Advisory
http://www.securityfocus.com/bid/38964
http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
Vendor Advisory
http://www.securityfocus.com/bid/38964

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:ibm:aix:5.3:*:*:*:*:*:*:*

cpe:2.3:o:ibm:aix:5.3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00372

Низкий

7.8 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-vjp8-9j46-32cg

github

почти 4 года назад

bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."

EPSS

Процентиль: 58%

0.00372

Низкий

7.8 High

CVSS2

Дефекты

NVD-CWE-Other