CVE-2010-3040
published 2010-11-09CVE-2010-3040: Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute…
PriorityP258critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
7.99%
94.0th percentile
Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.0 allow remote attackers to execute arbitrary code via a long parameter in a (1) HandleUpgradeAll, (2) AgentUpgrade, (3) HandleQueryNodeInfoReq, or (4) HandleUpgradeTrace TCP packet, aka Bug IDs CSCti45698, CSCti45715, CSCti45726, and CSCti46164.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | intelligent_contact_manager | <= 6.0\(0\)a\(1\) | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
| cisco | intelligent_contact_manager | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/42146http://securitytracker.com/id?1024693http://tools.cisco.com/security/center/viewAlert.x?alertId=21726http://www.securityfocus.com/bid/44699http://www.vupen.com/english/advisories/2010/2914http://www.zerodayinitiative.com/advisories/ZDI-10-232/http://www.zerodayinitiative.com/advisories/ZDI-10-233/http://www.zerodayinitiative.com/advisories/ZDI-10-234/http://www.zerodayinitiative.com/advisories/ZDI-10-235/http://secunia.com/advisories/42146http://securitytracker.com/id?1024693http://tools.cisco.com/security/center/viewAlert.x?alertId=21726http://www.securityfocus.com/bid/44699http://www.vupen.com/english/advisories/2010/2914http://www.zerodayinitiative.com/advisories/ZDI-10-232/http://www.zerodayinitiative.com/advisories/ZDI-10-233/http://www.zerodayinitiative.com/advisories/ZDI-10-234/http://www.zerodayinitiative.com/advisories/ZDI-10-235/
2010-11-09
Published