CVE-2011-1854

Description

Use-after-free vulnerability in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to execute arbitrary code via a long syslog packet, related to an exception handler.

Affected products

• HP / intelligent_management_center5.0 – 5.0
• HP / intelligent_management_center5.0 – 5.0
• HP / intelligent_management_center5.0 – 5.0

References

• MISChttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750
• VENDOR_ADVISORYhttp://www.zerodayinitiative.com/advisories/ZDI-11-166/
• MISChttp://securitytracker.com/id?1025519
• MISChttp://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750
• MISChttp://www.securityfocus.com/bid/47789