CVE-2010-1124

EUVD-2010-1155
bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after a successful getaddrinfo function call, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors, as demonstrated by IBM DB2 crashes on "systems with databases cataloged with alternate servers using IP addresses."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
Affected Products (NVD)
VendorProductVersion
ibmaix
5.3
ibmaix
5.3.0
𝑥
= Vulnerable software versions
References
http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
http://www.securityfocus.com/bid/38964
http://www-01.ibm.com/support/docview.wss?uid=isg1IZ66710
http://www.securityfocus.com/bid/38964