Vulnerabilities > CVE-2011-2331 - Numeric Errors vulnerability in HP Intelligent Management Center

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

CWE-189

critical

NVD

Published: 2011-06-02

Updated: 2017-08-29

Summary

Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Intelligent Management Center *	1

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

References

http://secunia.com/advisories/44748
http://securitytracker.com/id?1025583
http://www.securityfocus.com/bid/48065
http://zerodayinitiative.com/advisories/ZDI-11-170/
https://exchange.xforce.ibmcloud.com/vulnerabilities/67738