Stack-based buffer overflow in iNodeMngChecker.exe in the User Access Manager (UAM) 5.0 before SP1 E0101P03 and Endpoint Admission Defense (EAD) 5.0 before SP1 E0101P03 components in HP Intelligent Management Center (aka iNode Management Center) allows remote attackers to execute arbitrary code via a 0x0A0BF007 packet.
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
| Link | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-11-232/ | |
| http://www.securityfocus.com/bid/48527 | vdb entry |
| http://www.osvdb.org/73597 | vdb entry |
| http://securitytracker.com/id?1025740 | vdb entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/68348 | vdb entry |
| http://marc.info/?l=bugtraq&m=130982758604404&w=2 | vendor advisory |
| http://secunia.com/advisories/45129 | third party advisory vendor advisory |
| http://securityreason.com/securityalert/8302 | third party advisory |
| http://www.securityfocus.com/archive/1/518691/100/0/threaded | mailing list |