CVE-2008-0963

Published: Apr 14, 2008Modified: Apr 23, 2026

9.0

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability: 8.0 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.

Affected (1)

Products: Emc: Diskxtender

Emc

1 product

Diskxtender

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Diskxtender	Version 6.20.060

Related CWEs

CWE-134

Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (16)

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=685

Source: cve@mitre.org

http://secunia.com/advisories/29778

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/44417

Source: cve@mitre.org

http://www.securityfocus.com/bid/28727

Source: cve@mitre.org

http://www.securityfocus.com/bid/28729

Source: cve@mitre.org

http://www.securitytracker.com/id?1019829

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/1198/references

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/41773

Source: cve@mitre.org

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=685