CVE-2011-1733

2011-05-0719:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1733

stack-based buffer overflow

omniinet.exe

backup client service

hp openview storage data protector

arbitrary code execution

remote attackers

hpfgconfig message

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.854 High

EPSS

Percentile

98.6%

JSON

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message.

Affected configurations

NVD

Node

hpopenview_storage_data_protectorMatch6.00

hpopenview_storage_data_protectorMatch6.10

hpopenview_storage_data_protectorMatch6.11

CPENameOperatorVersion
hp:openview_storage_data_protectorhp openview storage data protectoreq6.00
hp:openview_storage_data_protectorhp openview storage data protectoreq6.10
hp:openview_storage_data_protectorhp openview storage data protectoreq6.11

CPE	Name	Operator	Version
hp:openview_storage_data_protector	hp openview storage data protector	eq	6.00
hp:openview_storage_data_protector	hp openview storage data protector	eq	6.10
hp:openview_storage_data_protector	hp openview storage data protector	eq	6.11