Vulnerability Description
Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Operations Manager | 7.5 |
Related Weaknesses (CWE)
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800Vendor Advisory
- http://net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txtURL Repurposed
- http://secunia.com/advisories/39538Vendor Advisory
- http://securitytracker.com/id?1023894
- http://www.corelan.be:8800/advisories.php?id=CORELAN-10-027
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.
- http://www.securityfocus.com/bid/39578
- http://www.vupen.com/english/advisories/2010/0946Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57938
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02078800Vendor Advisory
- http://net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txtURL Repurposed
- http://secunia.com/advisories/39538Vendor Advisory
- http://securitytracker.com/id?1023894
- http://www.corelan.be:8800/advisories.php?id=CORELAN-10-027
- http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.
FAQ
What is CVE-2010-1033?
CVE-2010-1033 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argum...
How severe is CVE-2010-1033?
CVE-2010-1033 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-1033?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Operations Manager.