| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
9051 |
CVE-2013-1243 |
119 |
|
DoS Overflow |
2013-07-18 |
2013-10-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The IP stack in Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software and hardware modules before 7.1(5)E4, IPS 4500 sensors before 7.1(6)E4, and IPS 4300 sensors before 7.1(5)E4 allows remote attackers to cause a denial of service (MainApp process hang) via malformed IPv4 packets, aka Bug ID CSCtx18596. |
|
9052 |
CVE-2013-1236 |
20 |
|
DoS |
2013-05-15 |
2013-05-16 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco TelePresence Supervisor MSE 8050 before 2.3(1.31) allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing TCP connections at a high rate, aka Bug IDs CSCuf76076 and CSCuf79763. |
|
9053 |
CVE-2013-1225 |
264 |
|
|
2013-05-09 |
2013-05-09 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to read arbitrary files via a Resource Manager (1) HTTP or (2) HTTPS request containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka Bug ID CSCub38366. |
|
9054 |
CVE-2013-1224 |
22 |
|
Dir. Trav. |
2013-05-09 |
2013-07-08 |
7.8 |
None |
Remote |
Low |
Not required |
None |
Complete |
None |
|
Directory traversal vulnerability in the Resource Manager in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to overwrite arbitrary files via a crafted (1) HTTP or (2) HTTPS request that triggers incorrect parameter validation, aka Bug ID CSCub38369. |
|
9055 |
CVE-2013-1223 |
20 |
|
|
2013-05-09 |
2013-05-09 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
The log viewer in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly validate an unspecified parameter, which allows remote attackers to read arbitrary files via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38372. |
|
9056 |
CVE-2013-1222 |
16 |
|
|
2013-05-09 |
2013-05-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
Complete |
None |
|
The Tomcat Web Management feature in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 does not properly configure Tomcat components, which allows remote attackers to launch arbitrary custom web applications via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCub38379. |
|
9057 |
CVE-2013-1220 |
|
|
DoS |
2013-05-09 |
2013-05-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The CallServer component in Cisco Unified Customer Voice Portal (CVP) Software before 9.0.1 ES 11 allows remote attackers to cause a denial of service (call-acceptance outage) via malformed SIP INVITE messages, aka Bug ID CSCua65148. |
|
9058 |
CVE-2013-1218 |
119 |
|
DoS Overflow |
2013-07-18 |
2013-07-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272. |
|
9059 |
CVE-2013-1191 |
264 |
|
+Priv |
2014-05-25 |
2014-05-27 |
7.1 |
None |
Remote |
High |
Single system |
Complete |
Complete |
Complete |
|
Cisco NX-OS 6.1 before 6.1(5) on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via crafted SSH key data in an SSH session to a management interface, aka Bug ID CSCud88400. |
|
9060 |
CVE-2013-1186 |
287 |
|
Bypass |
2013-04-25 |
2013-05-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco Unified Computing System (UCS) 1.x before 1.4(4) and 2.x before 2.0(2m) allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746. |
|
9061 |
CVE-2013-1184 |
20 |
|
DoS |
2013-04-25 |
2013-04-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The management API in the XML API management service in the Manager component in Cisco Unified Computing System (UCS) 1.x before 1.2(1b) allows remote attackers to cause a denial of service (service outage) via a malformed request, aka Bug ID CSCtg48206. |
|
9062 |
CVE-2013-1181 |
20 |
|
DoS |
2013-04-25 |
2018-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco NX-OS on Nexus 5500 devices 4.x and 5.x before 5.0(3)N2(2), Nexus 3000 devices 5.x before 5.0(3)U3(2), and Unified Computing System (UCS) 6200 devices before 2.0(1w) allows remote attackers to cause a denial of service (device reload) by sending a jumbo packet to the management interface, aka Bug IDs CSCtx17544, CSCts10593, and CSCtx95389. |
|
9063 |
CVE-2013-1177 |
89 |
|
Exec Code Sql |
2013-04-18 |
2013-04-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095. |
|
9064 |
CVE-2013-1176 |
20 |
|
DoS |
2013-04-18 |
2013-04-19 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448. |
|
9065 |
CVE-2013-1170 |
255 |
|
DoS |
2013-04-11 |
2013-04-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service (service disruption) via unspecified vectors, aka Bug ID CSCtz30468. |
|
9066 |
CVE-2013-1168 |
|
|
|
2013-04-11 |
2013-04-15 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885. |
|
9067 |
CVE-2013-1167 |
22 |
|
DoS Dir. Trav. |
2013-04-11 |
2013-04-11 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Cisco IOS XE 3.2 through 3.4 before 3.4.2S, and 3.5, on 1000 series Aggregation Services Routers (ASR), when bridge domain interface (BDI) is enabled, allows remote attackers to cause a denial of service (card reload) via packets that are not properly handled during the processing of encapsulation, aka Bug ID CSCtt11558. |
|
9068 |
CVE-2013-1166 |
20 |
|
DoS |
2013-04-11 |
2013-04-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR), when VRF-aware NAT and SIP ALG are enabled, allows remote attackers to cause a denial of service (card reload) by sending many SIP packets, aka Bug ID CSCuc65609. |
|
9069 |
CVE-2013-1165 |
20 |
|
DoS |
2013-04-11 |
2013-04-11 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation Services Routers (ASR) allows remote attackers to cause a denial of service (card reload) by sending many crafted L2TP packets, aka Bug ID CSCtz23293. |
|
9070 |
CVE-2013-1164 |
|
|
DoS |
2013-04-11 |
2013-04-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS XE 3.4 before 3.4.4S, 3.5, and 3.6 on 1000 series Aggregation Services Routers (ASR) does not properly implement the Cisco Multicast Leaf Recycle Elimination (MLRE) feature, which allows remote attackers to cause a denial of service (card reload) via fragmented IPv6 multicast packets, aka Bug ID CSCtz97563. |
|
9071 |
CVE-2013-1163 |
89 |
|
Exec Code Sql |
2013-04-01 |
2013-04-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple SQL injection vulnerabilities in the device-management implementation in Cisco Connected Grid Network Management System (CG-NMS) allow remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug IDs CSCue14553 and CSCue38746. |
|
9072 |
CVE-2013-1155 |
287 |
|
DoS |
2013-04-11 |
2013-04-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624. |
|
9073 |
CVE-2013-1152 |
|
|
DoS |
2013-04-11 |
2013-04-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080. |
|
9074 |
CVE-2013-1151 |
20 |
|
DoS |
2013-04-11 |
2013-04-11 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408. |
|
9075 |
CVE-2013-1150 |
287 |
|
DoS |
2013-04-11 |
2013-04-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590. |
|
9076 |
CVE-2013-1149 |
|
|
DoS |
2013-04-11 |
2013-04-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 before 8.2(5.35), 8.3 before 8.3(2.34), 8.4 before 8.4(4.11), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3), and Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(24.1) and 4.0 and 4.1 before 4.1(11.1), allow remote attackers to cause a denial of service (device reload) via a crafted IKEv1 message, aka Bug IDs CSCub85692 and CSCud20267. |
|
9077 |
CVE-2013-1148 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The General Responder implementation in the IP Service Level Agreement (SLA) feature in Cisco IOS 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S allows remote attackers to cause a denial of service (device reload) via crafted (1) IPv4 or (2) IPv6 IP SLA packets on UDP port 1167, aka Bug ID CSCuc72594. |
|
9078 |
CVE-2013-1147 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Protocol Translation (PT) functionality in Cisco IOS 12.3 through 12.4 and 15.0 through 15.3, when one-step port-23 translation or a Telnet-to-PAD ruleset is configured, does not properly validate TCP connection information, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a PT resource, aka Bug ID CSCtz35999. |
|
9079 |
CVE-2013-1146 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Smart Install client functionality in Cisco IOS 12.2 and 15.0 through 15.3 on Catalyst switches allows remote attackers to cause a denial of service (device reload) via crafted image list parameters in Smart Install packets, aka Bug ID CSCub55790. |
|
9080 |
CVE-2013-1145 |
399 |
|
DoS |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in Cisco IOS 12.2, 12.4, 15.0, and 15.1, when Zone-Based Policy Firewall SIP application layer gateway inspection is enabled, allows remote attackers to cause a denial of service (memory consumption or device reload) via malformed SIP messages, aka Bug ID CSCtl99174. |
|
9081 |
CVE-2013-1144 |
399 |
|
DoS |
2013-03-28 |
2013-04-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the IKEv1 implementation in Cisco IOS 15.1 allows remote attackers to cause a denial of service (memory consumption) via unspecified (1) IPv4 or (2) IPv6 IKE packets, aka Bug ID CSCth81055. |
|
9082 |
CVE-2013-1143 |
119 |
|
DoS Overflow |
2013-03-28 |
2013-03-29 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The RSVP protocol implementation in Cisco IOS 12.2 and 15.0 through 15.2 and IOS XE 3.1.xS through 3.4.xS before 3.4.5S and 3.5.xS through 3.7.xS before 3.7.2S, when MPLS-TE is enabled, allows remote attackers to cause a denial of service (incorrect memory access and device reload) via a traffic engineering PATH message in an RSVP packet, aka Bug ID CSCtg39957. |
|
9083 |
CVE-2013-1142 |
362 |
|
DoS |
2013-03-28 |
2013-04-10 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Race condition in the VRF-aware NAT feature in Cisco IOS 12.2 through 12.4 and 15.0 through 15.2 allows remote attackers to cause a denial of service (memory consumption) via IPv4 packets, aka Bug IDs CSCtg47129 and CSCtz96745. |
|
9084 |
CVE-2013-1137 |
119 |
|
DoS Overflow |
2013-02-27 |
2013-02-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930. |
|
9085 |
CVE-2013-1135 |
20 |
|
DoS |
2013-02-27 |
2013-03-22 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155. |
|
9086 |
CVE-2013-1134 |
287 |
|
DoS |
2013-02-27 |
2013-02-28 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920. |
|
9087 |
CVE-2013-1133 |
20 |
|
DoS |
2013-02-27 |
2013-03-04 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337. |
|
9088 |
CVE-2013-1103 |
|
|
DoS |
2013-01-24 |
2013-02-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.220.0, 7.1 before 7.1.91.0, and 7.2 before 7.2.103.0 allow remote attackers to cause a denial of service (Access Point reload) via crafted SIP packets, aka Bug ID CSCts87659. |
|
9089 |
CVE-2013-1102 |
|
|
DoS |
2013-01-24 |
2013-02-02 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Wireless Intrusion Prevention System (wIPS) component on Cisco Wireless LAN Controller (WLC) devices with software 7.0 before 7.0.235.0, 7.1 and 7.2 before 7.2.110.0, and 7.3 before 7.3.101.0 allows remote attackers to cause a denial of service (device reload) via crafted IP packets, aka Bug ID CSCtx80743. |
|
9090 |
CVE-2013-1092 |
|
|
+Priv |
2013-05-05 |
2013-05-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe. |
|
9091 |
CVE-2013-1090 |
264 |
|
+Priv |
2013-12-06 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors. |
|
9092 |
CVE-2013-1082 |
22 |
|
Dir. Trav. |
2013-03-29 |
2013-03-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. |
|
9093 |
CVE-2013-1081 |
22 |
|
Dir. Trav. |
2013-03-11 |
2013-03-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter. |
|
9094 |
CVE-2013-1059 |
|
|
DoS |
2013-07-08 |
2014-01-03 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. |
|
9095 |
CVE-2013-1052 |
264 |
|
+Priv |
2013-03-21 |
2017-08-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
pam-xdg-support, as used in Ubuntu 12.10, does not properly handle the PATH environment variable, which allows local users to gain privileges via unspecified vectors related to sudo. |
|
9096 |
CVE-2013-1050 |
264 |
|
Bypass |
2013-03-08 |
2013-03-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The default configuration in gnome-screensaver 3.5.4 through 3.6.0 sets the AutostartCondition line to fallback mode in the .desktop file, which prevents the program from starting automatically after login and allows physically proximate attackers to bypass screen locking and access an unattended workstation. |
|
9097 |
CVE-2013-0981 |
|
|
+Priv |
2013-03-20 |
2013-03-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code. |
|
9098 |
CVE-2013-0940 |
264 |
|
+Priv |
2013-05-03 |
2013-05-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. |
|
9099 |
CVE-2013-0930 |
119 |
|
Exec Code Overflow |
2013-01-31 |
2013-02-11 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Drive Control Program (DCP) in EMC AlphaStor 4.0 before build 814 allows remote attackers to execute arbitrary code via vectors involving a new device name. |
|
9100 |
CVE-2013-0929 |
134 |
|
Exec Code |
2013-01-21 |
2016-08-18 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command. |
