Lucene search

K

[email protected]CVE-2010-1033

HistoryApr 21, 2010 - 2:30 p.m.

CVE-2010-1033

2010-04-2114:30:00

CWE-119

[email protected]

web.nvd.nist.gov

23

cve-2010-1033

hp operations manager

activex control

buffer overflow

remote code execution

nvd

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.329 Low

EPSS

Percentile

97.0%

Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.

CPENameOperatorVersion
hp:operations_managerhp operations managereq8.10
hp:operations_managerhp operations managereq8.16
hp:operations_managerhp operations managereq7.5

References

h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800

net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txt

secunia.com/advisories/39538

securitytracker.com/id?1023894

www.corelan.be:8800/advisories.php?id=CORELAN-10-027

www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.html.txt

www.securityfocus.com/bid/39578

www.vupen.com/english/advisories/2010/0946

exchange.xforce.ibmcloud.com/vulnerabilities/57938

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.329 Low

EPSS

Percentile

97.0%

Related for CVE-2010-1033

packetstorm1 seebug1 prion1 nessus1 securityvulns2 exploitpack1 exploitdb1