Vulnerability Description
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Protecttools Device Access Manager | <= 6.0.0.12 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=132284686204608&w=2Vendor Advisory
- http://marc.info/?l=bugtraq&m=134152032516062&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71600
- https://www.htbridge.ch/advisory/heap_memory_corruption_in_hp_device_access_manaExploit
- http://marc.info/?l=bugtraq&m=132284686204608&w=2Vendor Advisory
- http://marc.info/?l=bugtraq&m=134152032516062&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71600
- https://www.htbridge.ch/advisory/heap_memory_corruption_in_hp_device_access_manaExploit
FAQ
What is CVE-2011-4162?
CVE-2011-4162 is a vulnerability with a CVSS score of 7.5 (HIGH). The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow rem...
How severe is CVE-2011-4162?
CVE-2011-4162 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4162?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Protecttools Device Access Manager.