All the vulnerabilites related to symantec - brightmail_gateway
cve-2009-3032
Vulnerability from cvelistv5
Published
2010-03-05 19:00
Modified
2024-08-07 06:14
Severity ?
EPSS score ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2010&suid=20100304_00 | x_refsource_CONFIRM | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21440812 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/38468 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:14:56.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-20T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38468"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3032",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"name": "20100304 Autonomy KeyView OLE Document Integer Overflow Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"name": "38468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38468"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3032",
"datePublished": "2010-03-05T19:00:00",
"dateReserved": "2009-08-31T00:00:00",
"dateUpdated": "2024-08-07T06:14:56.444Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1611
Vulnerability from cvelistv5
Published
2013-05-09 10:00
Modified
2024-09-17 03:54
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20130508_00 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/59700 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.529Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00"
},
{
"name": "59700",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59700"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-05-09T10:00:00Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00"
},
{
"name": "59700",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59700"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2013-1611",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00",
"refsource": "CONFIRM",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00"
},
{
"name": "59700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59700"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2013-1611",
"datePublished": "2013-05-09T10:00:00Z",
"dateReserved": "2013-02-04T00:00:00Z",
"dateUpdated": "2024-09-17T03:54:13.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2013-05-09 12:31
Modified
2024-11-21 01:49
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | brightmail_gateway | 9.5 | |
| symantec | brightmail_gateway | 9.5.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:brightmail_gateway:9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "864347FD-B66F-4F7B-9926-B5B1AF3BE98E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_gateway:9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FBE1C284-0AAA-4000-8AFA-44C7470490A2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in administrative-interface pages in the management console in Symantec Brightmail Gateway 9.5.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidades de secuencias de comandos entre sitios m\u00faltiples (XSS) en las interfaces administrativas en la consola de gesti\u00f3n en Symantec Brightmail Gateway v9.5.x que permite a usuarios autenticados remotamente inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores no especificados"
}
],
"id": "CVE-2013-1611",
"lastModified": "2024-11-21T01:49:59.807",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-05-09T12:31:19.367",
"references": [
{
"source": "secure@symantec.com",
"url": "http://www.securityfocus.com/bid/59700"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/59700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20130508_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-03-05 19:30
Modified
2024-11-21 01:06
Severity ?
Summary
Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:brightmail_gateway:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8EAF9163-1511-4424-8019-9868D0C4D0C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "D804B423-8990-497F-9FB8-86E3D06F4F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:8.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "6A13CD3B-0529-43E4-A4F8-96B5180B0DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:linux:*:*:*:*:*",
"matchCriteriaId": "5D92BC1D-E75F-420E-A2DB-DBFC07508A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:9.0.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "ED4D0804-7AE2-45D6-AAD5-F70C14354BBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:linux:*:*:*:*:*",
"matchCriteriaId": "7A06E56E-5DE3-4EA2-90BC-366EBC4283A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_detection_servers:10.0:*:windows:*:*:*:*:*",
"matchCriteriaId": "F9EAB6C2-F8A1-42BD-A8C8-A8D7017606E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:8.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14920820-3D26-4AC4-839E-531ABA6933A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EA274AFE-D535-4683-964A-FBCBF2D1291E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention_endpoint_agents:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CA2A7B74-D51B-4A59-9A41-2963247C3C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:im_manager_2007:*:*:*:*:*:*:*:*",
"matchCriteriaId": "526474D6-9084-4F53-9172-8C9C7BB5FE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.0:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5E7788BD-652E-4306-AED0-6AE7F9A07836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.181:*:smtp:*:*:*:*:*",
"matchCriteriaId": "D602A441-863D-4E90-A01D-57C41725D008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.182:*:smtp:*:*:*:*:*",
"matchCriteriaId": "A792A9C1-95EF-4CE2-B14F-3DEE09BFAF8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.1.189:*:smtp:*:*:*:*:*",
"matchCriteriaId": "5D9C7B86-7F9A-4DF8-A4DF-9A7CA5991D91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.11:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "95D5B1CF-6C20-4D66-9D30-631441FA953B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.12:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "868EFAF0-F5FA-46EB-99CC-19C1DAF06954",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:5.0.13:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "16BE9C8A-A8AF-43FF-B4D9-07F57E226385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.6:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "0026CDBB-92E2-45DE-9637-F18224CE3E6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.7:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "12AC5934-DAC3-4866-B31F-71EC14F42CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:6.0.8:*:microsoft_exchange:*:*:*:*:*",
"matchCriteriaId": "A7604B25-6AA0-4814-A8D4-780811A247B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.3.25:*:domino:*:*:*:*:*",
"matchCriteriaId": "07FADB30-A418-43C5-A798-4769C5350E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.4.29:*:domino:*:*:*:*:*",
"matchCriteriaId": "6EAB0E10-A62F-42DB-BA86-FBFCFCF0E13D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.5.32:*:domino:*:*:*:*:*",
"matchCriteriaId": "70F1A708-9914-4875-B594-D8A9D65182D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.6:*:domino:*:*:*:*:*",
"matchCriteriaId": "5D04308D-D372-4760-B67F-A25DEEDF52E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.7:*:domino:*:*:*:*:*",
"matchCriteriaId": "F15656D0-F6A6-43EE-86AF-2263B49FFA75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:7.5.8:*:domino:*:*:*:*:*",
"matchCriteriaId": "5E8F8098-9697-4536-B8C6-6224D9A1C6F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0:*:domino:*:*:*:*:*",
"matchCriteriaId": "2ABC5ED9-168A-4420-9286-179345BD89DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.1:*:domino:*:*:*:*:*",
"matchCriteriaId": "D6A7646A-74D8-4BA6-BE5C-06A55CB3CECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:mail_security:8.0.2:*:domino:*:*:*:*:*",
"matchCriteriaId": "6193ECEF-1412-4887-98FD-F37122897AC6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to execute arbitrary code via a crafted OLE document that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en kvolefio.dll v8.5.0.8339 y v10.5.0.0 en Autonomy KeyView Filter SDK, tal y como se utiliza en IBM Lotus Notes v8.5, Symantec Mail Security para Microsoft Exchange desde v5.0.10 hasta v5.0.13, y otros productos, permite a atacantes dependientes del contexto ejecutar codigo arbitrario a traves de documentos OLE que inicianun desbordamiento de memoria dinamica."
}
],
"id": "CVE-2009-3032",
"lastModified": "2024-11-21T01:06:21.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-03-05T19:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "cve@mitre.org",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=858"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21440812"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/38468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=2010\u0026suid=20100304_00"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}