Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-0509

Buffer overflow in the Transaction MIB agent in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 allows remote attackers to execute arbitrary code via a SQL transaction with a long table name that is not properly handled by a packet decoder.

Published

2013-06-05T03:43:48.027

Last Modified

2025-04-11T00:51:21.963

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 7.6 (HIGH)

CVSSv2 Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

4.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	tivoli_netcool_application_service_monitors	4.0.0	Yes
Application	ibm	tivoli_netcool_system_service_monitors	4.0.0	Yes

References

http://www-01.ibm.com/support/docview.wss?uid=swg21638183 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/82334 ([email protected])
http://www-01.ibm.com/support/docview.wss?uid=swg21638183 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/82334 (af854a3a-2127-422b-91ae-364da2661108)