CVE-2012-3254 : Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to e

Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet.

Published 2012-08-30 17:55:02

Updated 2019-10-09 23:05:20

Source HP Inc.

View at NVD, CVE.org

Vulnerability category: OverflowExecute code

Exploit prediction scoring system (EPSS) score for CVE-2012-3254

Probability of exploitation activity in the next 30 days: 1.34%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 86 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-3254

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2012-3254

http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03473527

Vendor Advisory
http://zerodayinitiative.com/advisories/ZDI-12-163/

ZDI-12-163 | Zero Day Initiative

Products affected by CVE-2012-3254

HP » Inode Management Center Pc
Versions up to, including, (<=) 5.1
cpe:2.3:a:hp:inode_management_center_pc:*:*:*:*:*:*:*:*
Matching versions
HP » Inode Management Center Pc » Version: 5.0 Update E0101
cpe:2.3:a:hp:inode_management_center_pc:5.0:e0101:*:*:*:*:*:*
Matching versions
HP » Inode Management Center Pc » Version: 5.0
cpe:2.3:a:hp:inode_management_center_pc:5.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-3254

Exploit prediction scoring system (EPSS) score for CVE-2012-3254

CVSS scores for CVE-2012-3254

References for CVE-2012-3254

Products affected by CVE-2012-3254