DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.
http://www.securityfocus.com/archive/1/521472
http://zerodayinitiative.com/advisories/ZDI-11-112/
Source: MITRE
Published: 2012-02-03
Updated: 2019-10-09
Type: CWE-94
Base Score: 10
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 10
Severity: HIGH