Unspecified Remote Code Execution Vulnerability in Oracle Solaris 8, 9, and 10

Unspecified Remote Code Execution Vulnerability in Oracle Solaris 8, 9, and 10

CVE-2010-4435 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.

Learn more about our Cis Benchmark Audit For Operating Systems.