Oracle Solaris CDE Calendar Manager Service Daemon Remote Buffer Overflow Vulnerability
Oracle Solaris is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. This issue affects the CDE Calendar Manager Remote Procedure Call (RPC) service ('rpc.cmsd').
Remote attackers can exploit this issue to execute arbitrary code with superuser privileges, which can result in the complete compromise of affected computers. Failed exploit attempts will cause a denial-of-service condition.
This vulnerability affects the following supported versions:
8, 9, 10