← Back

CVE-2010-1039

nvd nist
Published: May 20, 2010Modified: Apr 29, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.

Affected (42)

Products: Hp: Nfs/oncplus · Ibm: Aix, Vios · Sgi: Irix
Hp
1 product
Nfs/oncplus
Ibm
2 products
Aix
Vios
Sgi
1 product
Irix
Configuration A
1 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Nfs/oncplus
Up to b.11.31_09
Running on/withPlatform Versions
Hp
Hp Ux
Version b.11.11
Hp
Hp Ux
Version b.11.23
Hp
Hp Ux
Version b.11.31
Configuration B
37 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Aix
Up to 5.3
Aix
Version 1.2.1
Aix
Version 1.3
Aix
Version 2.2.1
Aix
Version 3.1
Aix
Version 3.2.0
Aix
Version 3.2.4
Aix
Version 3.2.5
Aix
Version 3.2
Aix
Version 4.0
Aix
Version 4.1.1
Aix
Version 4.1.2
Aix
Version 4.1.3
Aix
Version 4.1.4
Aix
Version 4.1.5
Aix
Version 4.1
Aix
Version 4.2.0
Aix
Version 4.2.1.12
Aix
Version 4.2.1
Aix
Version 4.2
Aix
Version 4.3.0
Aix
Version 4.3.1
Aix
Version 4.3.2
Aix
Version 4.3.3
Aix
Version 4.3
Aix
Version 430
Aix
Version 4
Aix
Version 5.1.0.10
Aix
Version 5.1
Aix
Version 5.1l
Aix
Version 5.2.0.50
Aix
Version 5.2.0.54
Aix
Version 5.2.0
Aix
Version 5.2.2
Aix
Version 5.2
Aix
Version 5.2_l
Aix
Version 6.1
Configuration C
3 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Vios
Up to 1.5
Vios
Version 1.4
Vios
Version 2.1
Configuration D
1 vulnerable
Vulnerable SoftwareAffected Versions
Irix
Version 6.5

Related CWEs

CWE-134
Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (52)

Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Patch
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Vendor Advisory
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: hp-security-alert@hp.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.