CVE-2016-2946

HIGH

IBM Tivoli Monitoring - Stack-based Buffer Overflow in ax Shared Libraries

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the ax Shared Libraries in the Agent in IBM Tivoli Monitoring (ITM) 6.2.2 before FP9, 6.2.3 before FP5, and 6.3.0 before FP2 on Linux and UNIX allows local users to gain privileges via unspecified vectors.

References (3)

Core 3
Core References
Broken Link vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1IV85845
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21984578
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92389

Scores

CVSS v3 7.8
EPSS 0.0041
EPSS Percentile 32.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (12)
ibm/tivoli_monitoring 6.2.2
ibm/tivoli_monitoring 6.2.2.1
ibm/tivoli_monitoring 6.2.2.2
ibm/tivoli_monitoring 6.2.2.3
ibm/tivoli_monitoring 6.2.2.4
ibm/tivoli_monitoring 6.2.2.5
ibm/tivoli_monitoring 6.2.2.6
ibm/tivoli_monitoring 6.2.2.7
ibm/tivoli_monitoring 6.2.2.8
ibm/tivoli_monitoring 6.2.2.9
... and 2 more
Published Dec 01, 2016
Tracked Since Feb 18, 2026