CVE-2010-3281

Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before R5.1.06.03.c_Patch3 allows remote attackers to execute arbitrary code or cause a denial of service (service crash) via a long request.

Published: Sep 23, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-3281
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.4
AV:A/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
alcatel-lucent / omnivista_4760_server	4.1.13.00	4.1.13.00.x
alcatel-lucent / omnivista_4760_server	5.1	5.1.x
alcatel-lucent / omnivista_4760_server	5.1.06.03.c	5.1.06.03.c.x
alcatel-lucent / omnivista_4760_server	5.0	5.0.x
alcatel-lucent / omnivista_4760_server	-	5.1.06.03.c.x

http://secunia.com/advisories/41508
http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2010002.pdf
http://www.nruns.com/_downloads/nruns-SA-2010-002.pdf
http://www.securityfocus.com/archive/1/513865
http://www.securityfocus.com/archive/1/513866
http://www.securityfocus.com/bid/43338
http://www.vupen.com/english/advisories/2010/2460
https://exchange.xforce.ibmcloud.com/vulnerabilities/61922

Vulnerability Database

290,278

CVE-2010-3281