Vulnerability in Emc Alphastor

CVE-2013-0929

Format string vulnerability in the _vsnsprintf function in rrobotd.exe in the Device Manager in EMC AlphaStor 4.0 before build 800 allows remote attackers to execute arbitrary code via format string specifiers in a command.

EPSS: 0.120 (93.9th percentile) — read the EPSS interpretation.

Affected products

Emc Alphastor — versions 4.0
N/a — versions n/a

Weakness classification (CWE)

CWE-134 — Use of Externally-Controlled Format String

References

20130118 ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities (mailing-list, x_refsource_BUGTRAQ, Broken Link)
57472 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)