CVE-2008-3684

{"id": "CVE-2008-3684", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-10-22T16:00:00.437", "references": [{"url": "http://secunia.com/advisories/37070", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-096/", "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in aws_tmxn.exe in the Admin Agent service in the server in EMC Documentum ApplicationXtender Workflow, possibly 5.40 SP1 and earlier, allows remote attackers to execute arbitrary code via crafted packet data to TCP port 2606."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el servicio Admin Agent en el servidor en EMC Documentum ApplicationXtender Workflow, posiblemente v5.40 SP1 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquete de datos manipulado al puerto 2606."}], "lastModified": "2009-11-23T05:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:emc:documentum_applicationxtender:*:sp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3C437FA-D6B5-48B5-BA46-D318FC8B8A7A", "versionEndIncluding": "5.40"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}