Vulnerability Details CVE-2010-1033
Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.27
EPSS Ranking 96.1%
CVSS Severity
CVSS v2 Score 9.3
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800
- http://net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txt
- http://secunia.com/advisories/39538
- http://securitytracker.com/id?1023894
- http://www.corelan.be:8800/advisories.php?id=CORELAN-10-027
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.html.txt
- http://www.securityfocus.com/bid/39578
- http://www.vupen.com/english/advisories/2010/0946
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57938
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800
- http://net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txt
- http://secunia.com/advisories/39538
- http://securitytracker.com/id?1023894
- http://www.corelan.be:8800/advisories.php?id=CORELAN-10-027
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.html.txt
- http://www.securityfocus.com/bid/39578
- http://www.vupen.com/english/advisories/2010/0946
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57938
Products affected by CVE-2010-1033
-
cpe:2.3:a:hp:operations_manager:7.5
-
cpe:2.3:a:hp:operations_manager:8.10
-
cpe:2.3:a:hp:operations_manager:8.16