Stack-Based Buffer Overflow in HP OpenView Storage Data Protector
CVE-2011-1731

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 7 May 2011

Summary

A stack-based buffer overflow vulnerability exists in the Backup Client Service of HP OpenView Storage Data Protector due to improper handling of EXEC_INTEGUTIL messages. This flaw allows remote attackers to send specially crafted messages that can lead to arbitrary code execution on the affected system. The vulnerability affects versions 6.00, 6.10, and 6.11 of the product, posing a significant risk to data integrity and security.

References

http://zerodayinitiative.com/advisories/ZDI-11-147/

x_refsource_MISC

http://www.securityfocus.com/bid/47638

vdb-entryx_refsource_BID

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 7, 2011
Vulnerability Reserved
Apr 19, 2011