Cisco CiscoWorks Internetwork Performance Monitor CORBA GIOP Remote Buffer Overflow Vulnerability

Cisco CiscoWorks Internetwork Performance Monitor CORBA GIOP Remote Buffer Overflow Vulnerability

Cisco CiscoWorks Internetwork Performance Monitor (IPM) is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data.

Remote attackers can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed attacks will likely cause denial-of-service conditions.

This issue is documented by Cisco Bug ID CSCsv62350.

NOTE: IPM is built with an unsupported third-party component; Cisco indicates that updates to IPM will not be available.

This issue affects CiscoWorks IPM 2.6 and earlier for Microsoft Windows.