← Back to CVEs
CVE-2009-3699
N/ADescription
Stack-based buffer overflow in libcsa.a (aka the calendar daemon library) in IBM AIX 5.x through 5.3.10 and 6.x through 6.1.3, and VIOS 2.1 and earlier, allows remote attackers to execute arbitrary code via a long XDR string in the first argument to procedure 21 of rpc.cmsd.
CVE Details
CVSS v3.1 ScoreN/A
Published10/15/2009
Last Modified4/23/2026
Sourcenvd
Honeypot Sightings0
Affected Products
ibm:aixibm:vios
Weaknesses (CWE)
CWE-119
References
http://secunia.com/advisories/36978(cve@mitre.org)
http://securitytracker.com/id?1022996(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ61628(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ61717(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62123(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62237(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62569(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62570(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62571(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62572(cve@mitre.org)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62672(cve@mitre.org)
http://www.osvdb.org/58726(cve@mitre.org)
http://www.securityfocus.com/bid/36615(cve@mitre.org)
http://www.vupen.com/english/advisories/2009/2846(cve@mitre.org)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53681(cve@mitre.org)
http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc(af854a3a-2127-422b-91ae-364da2661108)
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=825(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/36978(af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1022996(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ61628(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ61717(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62123(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62237(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62569(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62570(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62571(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62572(af854a3a-2127-422b-91ae-364da2661108)
http://www.ibm.com/support/docview.wss?uid=isg1IZ62672(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/58726(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/36615(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/2846(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/53681(af854a3a-2127-422b-91ae-364da2661108)
https://www.immunityinc.com/downloads/immpartners/aixcmsd10092009.tar.gz(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.