CVE-2011-1848 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Intelligent Management Center

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-805 — Buffer Access with Incorrect Length Value4 documents4 sources

Severity

10.0CRITICALNVD

EPSS

28.9%

top 3.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Intelligent Management Center

Timeline

PublishedMay 13

Latest updateMay 17

Description

Stack-based buffer overflow in img.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a crafted length field in a packet.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDhp/intelligent_management_center5.0

🔴Vulnerability Details

GHSA

GHSA-qhq9-qwpm-5mrh: Stack-based buffer overflow in img↗2022-05-17

▶

CVEList

CVE-2011-1848: Stack-based buffer overflow in img↗2011-05-13

▶

📐Framework References

CWE

Buffer Access with Incorrect Length Value↗

▶