Buffer overflow in Hp Power_manager

CVE-2010-4113

Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.

Vulnerability class: Buffer Overflow

EPSS: 0.068 (91.5th percentile) — read the EPSS interpretation.

Affected products

Hp Power_manager — versions 4.2.7, 4.2.8, 4.2.6
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

1024902 (vdb-entry, x_refsource_SECTRACK)
HPSBMA02545 (Vendor Advisory, x_refsource_HP, vendor-advisory)
hp-security-alert@hp.com (x_refsource_MISC)
42644 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)