Buffer overflow in Hp Operations_manager

CVE-2010-1033

Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile…

Vulnerability class: Buffer Overflow

EPSS: 0.226 (96.0th percentile) — read the EPSS interpretation.

Affected products

Hp Operations_manager — versions 7.5, 8.10, 8.16
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

SSRT100060 (Vendor Advisory, x_refsource_HP, vendor-advisory)
hp-security-alert@hp.com (URL Repurposed, x_refsource_MISC)
39538 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
1023894 (vdb-entry, x_refsource_SECTRACK)
hp-security-alert@hp.com (x_refsource_MISC)
hp-security-alert@hp.com (x_refsource_MISC)
39578 (vdb-entry, x_refsource_BID)
ADV-2010-0946 (vdb-entry, x_refsource_VUPEN, Vendor Advisory)
operations-manager-sourceview-bo(57938) (vdb-entry, x_refsource_XF)