CVE-2011-2608

Exploit

EPSS 1.29%
Published 01.07.2011 10:55:02
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

ovbbccb.exe 6.20.50.0 and other versions in HP OpenView Performance Agent 4.70 and 5.0; and Operations Agent 11.0, 8.60.005, 8.60.006, 8.60.007, 8.60.008, 8.60.501, and 8.53; allows remote attackers to delete arbitrary files via a full pathname in the File field in a Register command.

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Openview Performance Agent Version4.70

Hp ≫ Openview Performance Agent Version5.0

Hp ≫ Operations Agent Version8.53

Hp ≫ Operations Agent Version8.60.005

Hp ≫ Operations Agent Version8.60.006

Hp ≫ Operations Agent Version8.60.007

Hp ≫ Operations Agent Version8.60.008

Hp ≫ Operations Agent Version8.60.501

Hp ≫ Operations Agent Version11.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.29%	0.779

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:N/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://aluigi.altervista.org/adv/ovbbccb_1-adv.txt

Exploit

http://marc.info/?l=bugtraq&m=131188898632504&w=2

Vendor Advisory

http://secunia.com/advisories/45079

Vendor Advisory

http://securitytracker.com/id?1025715

http://www.securityfocus.com/bid/48481

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/68269

https://nvd.nist.gov/vuln/detail/CVE-2011-2608

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-2608

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-2608

EUVD