CVE-2011-4164

Related Files

Zero Day Initiative Advisory 12-089

Posted Jun 7, 2012

Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable applications using DataDirect's SequeLink. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application processes GIOP packets. When processing a specific GIOP packet, the application will trust a size field in the packet. The application will use this size in a copy operation into a statically sized buffer which can cause a buffer overflow. This can lead to code execution under the context of the service.

tags | advisory, remote, overflow, arbitrary, code execution

advisories | CVE-2011-4164

SHA-256 | 43d89dc6d8f2896d4073d62babb332c51c310b1770c3161b7ee5c9e499ed4724

Download | Favorite | View

HP Security Bulletin HPSBMU02731 SSRT100518

Posted Dec 29, 2011

Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02731 SSRT100518 - Potential security vulnerabilities have been identified with HP Database Archiving Software. These vulnerabilities could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability

advisories | CVE-2011-4163, CVE-2011-4164, CVE-2011-4165

SHA-256 | 8e6550c3b4010ae9fff5a60a6fc38b1503871ae9afe73a86b159c933b17a424e

Download | Favorite | View