SAINT CorporationSAINT:649DC7754E9424B5B8D6B27908969B08HP Data Protector Express Opcode 0x320 Overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.959 High
EPSS
Percentile
99.3%
Added: 07/23/2012
CVE: CVE-2012-0121
BID: 52431
OSVDB: 80102
Background
HP Data Protector Express is a backup and recovery solution for single machines and small networks.
Problem
A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not sufficiently validated. A remote unauthenticated attacker may exploit this vulnerability to gain execution access on the target system.
Resolution
Apply the patch referenced in HP Security Bulletin HPSBMU02746 SSRT100781.
References
<http://www.zerodayinitiative.com/advisories/ZDI-12-097/>
Limitations
This exploit has been tested against HP Data Protector Express 6.0.00.11974 on Windows XP SP3 English (DEP OptIn).
Platforms
Windows
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.959 High
EPSS
Percentile
99.3%