Vulnerability Description
bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Aix | 5.3 |
References
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710Vendor Advisory
- http://www.securityfocus.com/bid/38964
- http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710Vendor Advisory
- http://www.securityfocus.com/bid/38964
FAQ
What is CVE-2010-1124?
CVE-2010-1124 is a vulnerability with a CVSS score of 7.8 (HIGH). bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial o...
How severe is CVE-2010-1124?
CVE-2010-1124 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1124?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Aix.