CVE-2010-3984 : Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability

Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft Content Distribution r12.0 SP1 and r12.5 SP2 rollup, and CA ARCserve Replication and High Availability (RHA) r15.0 SP1 allows remote attackers to execute arbitrary code via a crafted create_session_bab operation in a SOAP request to xosoapapi.asmx.

Published 2011-01-07 23:00:19

Updated 2018-10-10 20:06:10

Source MITRE

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2010-3984

Probability of exploitation activity in the next 30 days: 45.61%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2010-3984

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2010-3984

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2010-3984

http://www.securityfocus.com/archive/1/515115/100/0/threaded

SecurityFocus
http://www.zerodayinitiative.com/advisories/ZDI-10-263/

ZDI-10-263 | Zero Day Initiative
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7bFEB41CE8-5023-46DF-B257-5299F492BF23%7d

404 Not Found
Vendor Advisory
http://www.securitytracker.com/id?1024852

CA XOsoft Buffer Overflow in Processing SOAP Requests Lets Remote Users Execute Arbitrary Code - SecurityTracker
http://www.securityfocus.com/bid/45317

Computer Associates XOsoft SOAP Request Remote Buffer Overflow Vulnerability

Products affected by CVE-2010-3984

CA » Xosoft Content Distribution » Version: R12.0 Update SP1
cpe:2.3:a:ca:xosoft_content_distribution:r12.0:sp1:*:*:*:*:*:*
Matching versions
CA » Xosoft Content Distribution » Version: R12.5 Update SP2
cpe:2.3:a:ca:xosoft_content_distribution:r12.5:sp2:*:*:*:*:*:*
Matching versions
CA » Xosoft High Availability » Version: R12.0 Update SP1
cpe:2.3:a:ca:xosoft_high_availability:r12.0:sp1:*:*:*:*:*:*
Matching versions
CA » Xosoft High Availability » Version: R12.5 Update SP2
cpe:2.3:a:ca:xosoft_high_availability:r12.5:sp2:*:*:*:*:*:*
Matching versions
CA » Xosoft Replication » Version: R12.0 Update SP1
cpe:2.3:a:ca:xosoft_replication:r12.0:sp1:*:*:*:*:*:*
Matching versions
CA » Xosoft Replication » Version: R12.5 Update SP2
cpe:2.3:a:ca:xosoft_replication:r12.5:sp2:*:*:*:*:*:*
Matching versions
CA » Arcserve Replication And High Availability » Version: R15.0 Update SP1
cpe:2.3:a:ca:arcserve_replication_and_high_availability:r15.0:sp1:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2010-3984

Exploit prediction scoring system (EPSS) score for CVE-2010-3984

CVSS scores for CVE-2010-3984

CWE ids for CVE-2010-3984

References for CVE-2010-3984

Products affected by CVE-2010-3984