Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-3274 ā€” Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Intelligent Management Center

CWE-119 ā€” Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents5 sources
Severity
10.0CRITICALNVD
EPSS
73.4%
top 1.20%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
HP Intelligent Management Center
Timeline
PublishedDec 6
Latest updateMay 13

Description

Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

šŸ”“Vulnerability Details

2
GHSA
GHSA-5m43-v4fq-2698: Stack-based buffer overflow in uamā†—2022-05-13
ā–¶
CVEList
CVE-2012-3274: Stack-based buffer overflow in uamā†—2012-12-06
ā–¶

šŸ’„Exploits & PoCs

2
Exploit-DB
HP Intelligent Management Center < 5.0 E0102 - UAM Buffer Overflow (Metasploit)ā†—2012-08-29
ā–¶
Metasploit
HP Intelligent Management Center UAM Buffer Overflowā†—
ā–¶
CVE-2012-3274 ā€” HP vulnerability | cvebase