CVE-2011-2608

Exploit

EPSS 1.29%
Veröffentlicht 01.07.2011 10:55:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hp ≫ Openview Performance Agent Version4.70

Hp ≫ Openview Performance Agent Version5.0

Hp ≫ Operations Agent Version8.53

Hp ≫ Operations Agent Version8.60.005

Hp ≫ Operations Agent Version8.60.006

Hp ≫ Operations Agent Version8.60.007

Hp ≫ Operations Agent Version8.60.008

Hp ≫ Operations Agent Version8.60.501

Hp ≫ Operations Agent Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.29%	0.779

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://aluigi.altervista.org/adv/ovbbccb_1-adv.txt

Exploit

http://marc.info/?l=bugtraq&m=131188898632504&w=2

Vendor Advisory

http://secunia.com/advisories/45079

Vendor Advisory

http://securitytracker.com/id?1025715

http://www.securityfocus.com/bid/48481

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/68269

https://nvd.nist.gov/vuln/detail/CVE-2011-2608

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2608

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2608

EUVD