Vulnerability Details : CVE-2012-0124
Public exploit exists!
Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
Vulnerability category: Execute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-0124
92.61%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2012-0124
-
HP Data Protector Create New Folder Buffer Overflow
Disclosure Date: 2012-03-12First seen: 2020-04-26exploit/windows/misc/hp_dataprotector_new_folderThis module exploits a stack buffer overflow in HP Data Protector 5. The overflow occurs in the creation of new folders, where the name of the folder is handled in a insecure way by the dpwindtb.dll component. While the overflow occurs in the stack, the folder name
CVSS scores for CVE-2012-0124
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2012-0124
-
http://www.securityfocus.com/archive/1/521944
SecurityFocus
Products affected by CVE-2012-0124
- cpe:2.3:a:hp:data_protector_express:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:data_protector_express:6.0:*:*:*:*:*:*:*