4 matches found
CVE-2013-4810
HP ProCurve Manager (PCM) 3.20/4.0, PCM+ 3.20/4.0, Identity Driven Manager (IDM) 4.0, and Application Lifecycle Management are affected. The root cause is a remote code execution vector via a marshalled object to the EJBInvokerServlet or JMXInvokerServlet, enabling an attacker to execute arbitrar...
CVE-2013-4834
CVE-2013-4834 affects HP Application LifeCycle Management (ALM) client component prior to ALM v11 p11, allowing remote execution of arbitrary code due to an unspecified vulnerability vector. The HP/HP Zero Day Initiative bulletin (and related HP security notes) states that a patch is available: u...
CVE-2014-2631
CVE-2014-2631 affects HP Application Lifecycle Management / Quality Center 11.5x and 12.0x. The root cause is a DLL planting elevation-of-privilege flaw in ACLs on a specific installed directory, enabling a remote attacker with an unprivileged account to place a malicious DLL and trigger code exe...
CVE-2013-4802
CVE-2013-4802 affects HP Application Lifecycle Management (ALM) Quality Center prior to v11.51. The flaw is a cross-site scripting (XSS) vulnerability due to improper sanitization of HTML messages, allowing remote attackers to inject arbitrary JavaScript via unspecified vectors. Exploitation requ...