CVE-2011-4163

Related Files

Zero Day Initiative Advisory 12-088

Posted Jun 7, 2012

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-088 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP DataDirect SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application parses a packet that is received. When parsing a field in this packet, the application will use a signed length to copy data into a statically sized buffer located on the stack. This can lead to a buffer overflow on the stack and allow for code execution under the context of the service.

tags | advisory, remote, overflow, arbitrary, code execution

advisories | CVE-2011-4163

SHA-256 | f203aea2ee76cb87d0d30eb0dcf903a08388cd2b6769d0937ce793c27023bc74

Download | Favorite | View

HP Security Bulletin HPSBMU02731 SSRT100518

Posted Dec 29, 2011

Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02731 SSRT100518 - Potential security vulnerabilities have been identified with HP Database Archiving Software. These vulnerabilities could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability

advisories | CVE-2011-4163, CVE-2011-4164, CVE-2011-4165

SHA-256 | 8e6550c3b4010ae9fff5a60a6fc38b1503871ae9afe73a86b159c933b17a424e

Download | Favorite | View