cpe:/o:sun:sunos:5.8 cpe:/o:sun:sunos:5.9 cpe:/o:sun:sunos:5.10 CVE-2010-4435 2011-01-19T12:00:02.123-05:00 2017-09-18T21:31:43.987-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2011-01-20T14:34:00.000-05:00 SECTRACK 1024975 EXPLOIT-DB 16137 BUGTRAQ 20110208 CVE-2010-4435 - Multiple Vendor Calendar Manager Remote Code Execution BUGTRAQ 20110208 ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability SECUNIA 42984 SECUNIA 43258 BID 45853 BID 46261 OSVDB 70569 SREASON 8069 VUPEN ADV-2011-0151 VUPEN ADV-2011-0352 HP HPSBUX02628 IAVM IAVM:2011-B-0026 HP SSRT090183 MISC http://aix.software.ibm.com/aix/efixes/security/cmsd_advisory.asc CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html MISC http://www.zerodayinitiative.com/advisories/ZDI-11-062/ XF solaris-cde-code-execution(64797) Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from other software vendors that this affects other operating systems, such as HP-UX, or claims from a reliable third party that this is a buffer overflow in rpc.cmsd via long XDR-encoded ASCII strings in RPC call 10.