CVE-2011-4791

2012-02-0304:05:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2011-4791

dbserver.exe

hp data protector

remote code execution

nvd

7.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.027 Low

EPSS

Percentile

90.3%

JSON

DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.

CPENameOperatorVersion
hp:data_protector_media_operationshp data protector media operationseq5.1
hp:data_protector_media_operationshp data protector media operationseq5.0
hp:data_protector_media_operationshp data protector media operationseq5.5
hp:data_protector_media_operationshp data protector media operationsle6.11
hp:data_protector_media_operationshp data protector media operationseq6.10

CPE	Name	Operator	Version
hp:data_protector_media_operations	hp data protector media operations	eq	5.1
hp:data_protector_media_operations	hp data protector media operations	eq	5.0
hp:data_protector_media_operations	hp data protector media operations	eq	5.5
hp:data_protector_media_operations	hp data protector media operations	le	6.11
hp:data_protector_media_operations	hp data protector media operations	eq	6.10