NVD

Id
15229  
Name
CVE-2010-3894  
Description
Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM/es/lib/libffq.cryptionjni.so in the login form in the administration interface in IBM OmniFind Enterprise Edition before 8.5 FP6 allows remote attackers to execute arbitrary code via a long password.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-11-12  
Modified Date
2010-12-01  
Seq
2010-3894  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
85830 15229 CVE-2010-3894 http://security.fatihkilic.de/advisory/fkilic-sa-2010-ibm-omnifind.txt  View
85831 15229 CVE-2010-3894 15474  View
85832 15229 CVE-2010-3894 20101109 IBM OmniFind - several vulnerabilities  View
85833 15229 CVE-2010-3894 44740  View
85834 15229 CVE-2010-3894 ADV-2010-2933  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37475 JVNDB-2010-003260 IBM OmniFind の Java_com_ibm_es_oss_CryptionNative_ESEncrypt 関数におけるスタックベースのバッファオーバーフローの脆弱性 IBM OmniFind の管理インタフェースのログインフォームの /opt/IBM/es/lib/libffq.cryptionjni.so の Java_com_ibm_es_oss_CryptionNative_ESEncrypt 関数には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2010-3894 46474 CVE-2010-3894 15229 9.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003260.html 2010-11-12 2012-03-27 View