Stack-Based Buffer Overflow in HP Operations Manager by Tetradyne ActiveX Control
CVE-2010-1033

Currently unrated

Key Information:

Vendor: HP
Status: Operations Manager
Vendor: CVE Published:; 21 April 2010

Summary

The Tetradyne ActiveX control in HP Operations Manager versions 7.5, 8.10, and 8.16 contains multiple stack-based buffer overflow vulnerabilities. These flaws can be exploited by remote attackers through specially crafted long string arguments passed to the LoadFile or SaveFile methods. This situation can potentially lead to arbitrary code execution, allowing attackers to gain unauthorized access to the affected system.

References

http://www.securityfocus.com/bid/39578

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/57938

vdb-entryx_refsource_XF

http://secunia.com/advisories/39538

third-party-advisoryx_refsource_SECUNIA

EPSS Score

27% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 21, 2010
Vulnerability Reserved
Mar 19, 2010