Zero Day Initiative Advisory 12-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP packet, the application will trust a size field in the packet. The application will use this size in a copy operation into a statically sized buffer which can cause a buffer overflow. This can lead to code execution under the context of the service.
43d89dc6d8f2896d4073d62babb332c51c310b1770c3161b7ee5c9e499ed4724
HP Security Bulletin HPSBMU02731 SSRT100518 - Potential security vulnerabilities have been identified with HP Database Archiving Software. These vulnerabilities could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
8e6550c3b4010ae9fff5a60a6fc38b1503871ae9afe73a86b159c933b17a424e