Vulnerability Details CVE-2012-3278
Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.41
EPSS Ranking 97.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://www.zerodayinitiative.com/advisories/ZDI-12-162/
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03645497
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03645497
- http://www.zerodayinitiative.com/advisories/ZDI-12-162/
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03645497
- https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03645497
Products affected by CVE-2012-3278
-
cpe:2.3:a:hp:diagnostics_server:8.00
-
cpe:2.3:a:hp:diagnostics_server:8.01
-
cpe:2.3:a:hp:diagnostics_server:8.02
-
cpe:2.3:a:hp:diagnostics_server:8.03
-
cpe:2.3:a:hp:diagnostics_server:8.04
-
cpe:2.3:a:hp:diagnostics_server:8.05
-
cpe:2.3:a:hp:diagnostics_server:8.06
-
cpe:2.3:a:hp:diagnostics_server:8.07
-
cpe:2.3:a:hp:diagnostics_server:9.00
-
cpe:2.3:a:hp:diagnostics_server:9.01
-
cpe:2.3:a:hp:diagnostics_server:9.02
-
cpe:2.3:a:hp:diagnostics_server:9.10
-
cpe:2.3:a:hp:diagnostics_server:9.12
-
cpe:2.3:a:hp:diagnostics_server:9.20
-
cpe:2.3:a:hp:diagnostics_server:9.21