ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-089 June 6, 2012 - -- CVE ID: CVE-2011-4164 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected Vendors:...

[security bulletin] HPSBMU02731 SSRT100518 rev.1 - HP Database Archiving Software, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03128302 Version: 1 HPSBMU02731 SSRT100518 rev.1 - HP Database Archiving Software, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as soo...

CVE-2011-4164

Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214...

CVE-2011-4164

HP Database Archiving Software 6.31 is affected by CVE-2011-4164 via a GIOP parsing buffer overflow in HP DataDirect/OpenAccess components (SequeLink), enabling remote code execution. The advisory notes a trust of a packet size field into a fixed-size buffer leading to overflow and code execution...