Description
Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/82333
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21638459
Scores
EPSS
0.0297
EPSS Percentile
85.6%
Details
CWE
CWE-119
Status
published
Products (4)
ibm/tivoli_netcool_application_service_monitors
4.0.0
ibm/tivoli_netcool_application_service_monitors
4.0.1
ibm/tivoli_netcool_system_service_monitors
4.0.0
ibm/tivoli_netcool_system_service_monitors
4.0.1
Published
Jun 05, 2013
Tracked Since
Feb 18, 2026