Vulnerability Details CVE-2011-2608
ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.6%
CVSS Severity
CVSS v2 Score 6.4
References
- http://aluigi.altervista.org/adv/ovbbccb_1-adv.txt
- http://marc.info/?l=bugtraq&m=131188898632504&w=2
- http://marc.info/?l=bugtraq&m=131188898632504&w=2
- http://secunia.com/advisories/45079
- http://securitytracker.com/id?1025715
- http://www.securityfocus.com/bid/48481
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68269
- http://aluigi.altervista.org/adv/ovbbccb_1-adv.txt
- http://marc.info/?l=bugtraq&m=131188898632504&w=2
- http://marc.info/?l=bugtraq&m=131188898632504&w=2
- http://secunia.com/advisories/45079
- http://securitytracker.com/id?1025715
- http://www.securityfocus.com/bid/48481
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68269
Products affected by CVE-2011-2608
-
cpe:2.3:a:hp:openview_performance_agent:4.70
-
cpe:2.3:a:hp:openview_performance_agent:5.0
-
cpe:2.3:a:hp:operations_agent:11.0
-
cpe:2.3:a:hp:operations_agent:8.53
-
cpe:2.3:a:hp:operations_agent:8.60.005
-
cpe:2.3:a:hp:operations_agent:8.60.006
-
cpe:2.3:a:hp:operations_agent:8.60.007
-
cpe:2.3:a:hp:operations_agent:8.60.008
-
cpe:2.3:a:hp:operations_agent:8.60.501