HP : Security Vulnerabilities, CVEs, Published In 2011
CVE-2011-0266
Public exploit
Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.
Max CVSS
10.0
EPSS Score
96.20%
Published
2011-01-13
Updated
2017-08-17
CVE-2011-0267
Public exploit
Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long (1) schdParams or (2) nameParams parameter, a different vulnerability than CVE-2011-0266.
Max CVSS
10.0
EPSS Score
96.94%
Published
2011-01-13
Updated
2017-08-17
CVE-2011-0276
Public exploit
HP OpenView Performance Insight Server 5.2, 5.3, 5.31, 5.4, and 5.41 contains a "hidden account" in the com.trinagy.security.XMLUserManager Java class, which allows remote attackers to execute arbitrary code via the doPost method in the com.trinagy.servlet.HelpManagerServlet class.
Max CVSS
10.0
EPSS Score
97.25%
Published
2011-02-02
Updated
2018-10-10
CVE-2011-0514
Public exploit
The RDS service (rds.exe) in HP Data Protector Manager 6.11 allows remote attackers to cause a denial of service (crash) via a packet with a large data size to TCP port 1530.
Max CVSS
5.0
EPSS Score
96.38%
Published
2011-01-20
Updated
2011-01-24
CVE-2011-0922
Public exploit
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
Max CVSS
10.0
EPSS Score
96.65%
Published
2011-02-09
Updated
2018-10-09
CVE-2011-0923
Public exploit
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
Max CVSS
10.0
EPSS Score
97.22%
Published
2011-02-09
Updated
2016-08-23
CVE-2011-1865
Public exploit
Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.
Max CVSS
10.0
EPSS Score
94.79%
Published
2011-07-01
Updated
2017-08-17
CVE-2011-2404
Public exploit
A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than CVE-2011-4786 and CVE-2011-4787.
Max CVSS
7.5
EPSS Score
85.30%
Published
2011-08-11
Updated
2012-01-14
CVE-2011-3167
Public exploit
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1210.
Max CVSS
10.0
EPSS Score
94.39%
Published
2011-11-02
Updated
2012-02-15
CVE-2011-4166
Public exploit
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
Max CVSS
7.5
EPSS Score
95.57%
Published
2011-12-27
Updated
2019-10-09
10 vulnerabilities found