CVE-2010-4113

HIGH

Description

Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.

References

http://marc.info/?l=bugtraq&m=129251322532373&w=2

http://secunia.com/advisories/42644

http://www.securitytracker.com/id?1024902

http://www.zerodayinitiative.com/advisories/ZDI-10-292/

Details

Source: MITRE

Published: 2010-12-22

Updated: 2011-02-09

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH