CVE-2010-1039
published 2010-05-20CVE-2010-1039: Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and…
critical10CVSS 3.1
AVNACLAuNCCICAC
EXPLOIT
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hp | nfs_oncplus | <= b.11.31_09 | — |
| ibm | aix | <= 5.3 | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |
| ibm | aix | — | — |