Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3278

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2012-3278
Last Modified 28 Jan 2013 12:00:00
Published 25 Jan 2013 01:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-3278

Summary

Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.

Vulnerable Systems

Application

  • Hp Diagnostics Server 8.00

  • Hp Diagnostics Server 8.01

  • Hp Diagnostics Server 8.02

  • Hp Diagnostics Server 8.03

  • Hp Diagnostics Server 8.04

  • Hp Diagnostics Server 8.05

  • Hp Diagnostics Server 8.06

  • Hp Diagnostics Server 8.07

  • Hp Diagnostics Server 9.00

  • Hp Diagnostics Server 9.01

  • Hp Diagnostics Server 9.02

  • Hp Diagnostics Server 9.10

  • Hp Diagnostics Server 9.12

  • Hp Diagnostics Server 9.20

  • Hp Diagnostics Server 9.21


References

HP - SSRT100724

HP - HPSBMU02841

MISC - http://www.zerodayinitiative.com/advisories/ZDI-12-162/


Last Updated: 27 May 2016 11:01:44