Vulnerability Details CVE-2010-4840
Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote attackers to cause a denial of service (SysEvttCol.exe process crash) or possibly execute arbitrary code via a long Syslog PRI message header to UDP port (1) 513 or (2) 514. Fixed in 7.2 Build 7020.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.9%
CVSS Severity
CVSS v2 Score 7.5
References
Products affected by CVE-2010-4840
-
cpe:2.3:a:manageengine:eventlog_analyzer:6.1