Stack-based Buffer Overflow in HP OpenView Storage Data Protector
CVE-2011-1728

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 7 May 2011

Summary

A stack-based buffer overflow exists in the Backup Client Service of HP OpenView Storage Data Protector, specifically within OmniInet.exe. This vulnerability enables remote attackers to execute arbitrary code by sending a specially crafted EXEC_BAR message to the affected services. If successful, an attacker could potentially gain control over the system, leading to unauthorized access and data compromise. Users of versions 6.00, 6.10, and 6.11 should take immediate action to apply the necessary patches and mitigate exposure to these risks.

References

http://www.securityfocus.com/archive/1/517764/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://zerodayinitiative.com/advisories/ZDI-11-144/

x_refsource_MISC

http://www.securityfocus.com/bid/47638

vdb-entryx_refsource_BID

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 7, 2011
Vulnerability Reserved
Apr 19, 2011