VIR Vulnerability Intelligence Relay

CVE-2013-0508

high
Published 2013-06-05 · Modified 2026-04-29
CVSS v3
CVSS v2
7.6
VIR risk
7.6

Description

Multiple buffer overflows in IBM Tivoli Netcool System Service Monitors (SSM) and Application Service Monitors (ASM) 4.0.0 before FP14 and 4.0.1 before FP1 allow context-dependent attackers to execute arbitrary code or cause a denial of service via a long line in (1) hrfstable.idx, (2) hrdevice.idx, (3) hrstorage.idx, or (4) lotusmapfile in the SSM Config directory, or (5) .manifest.hive in the main agent directory.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21638459

Application impact
VendorProductVersionsFixed
ibm ibmtivoli_netcool_application_service_monitors4.0.0
ibm ibmtivoli_netcool_application_service_monitors4.0.1
ibm ibmtivoli_netcool_system_service_monitors4.0.0
ibm ibmtivoli_netcool_system_service_monitors4.0.1

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.