Vulnerability Name:

CVE-2010-1033 (CCN-57938)

Assigned:2010-04-19
Published:2010-04-19
Updated:2017-08-17
Summary:Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manager 7.5, 8.10, and 8.16 might allow remote attackers to execute arbitrary code via a long string argument to the (1) LoadFile or (2) SaveFile method, related to srcvw32.dll and srcvw4.dll.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.3 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.3 High (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2010-1033

Source: CCN
Type: HP Security Bulletin HPSBMA02491 SSRT100060
HP Operations Manager for Windows, Remote Execution of Arbitrary Code

Source: HP
Type: Vendor Advisory
SSRT100060

Source: MISC
Type: UNKNOWN
http://net-ninja.net/blog/media/blogs/b/exploits/hpoperationsmngr.html.txt

Source: CCN
Type: SA39538
HP Operations Manager SourceView ActiveX Control Buffer Overflow

Source: SECUNIA
Type: Vendor Advisory
39538

Source: CCN
Type: SECTRACK ID: 1023894
HP Operations Manager Unspecified Flaw Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1023894

Source: MISC
Type: UNKNOWN
http://www.corelan.be:8800/advisories.php?id=CORELAN-10-027

Source: CCN
Type: CORELAN-10-027
HP Operations Manager remote BOF

Source: MISC
Type: UNKNOWN
http://www.corelan.be:8800/wp-content/forum-file-uploads/mr_me/hpoperationsmngr.html.txt

Source: CCN
Type: OSVDB ID: 63931
HP Operations Manager on Windows SourceView ActiveX (srcvw32.dll / srcvw4.dll) LoadFile() Method Remote Overflow

Source: BID
Type: UNKNOWN
39578

Source: CCN
Type: BID-39578
HP Operations Manager Buffer Overflow Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2010-0946

Source: XF
Type: UNKNOWN
operations-manager-sourceview-bo(57938)

Source: XF
Type: UNKNOWN
operations-manager-sourceview-bo(57938)

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [04-20-2010]

Vulnerable Configuration:Configuration 1:
  • cpe:/a:hp:operations_manager:7.5:*:windows:*:*:*:*:*
  • OR cpe:/a:hp:operations_manager:8.10:*:windows:*:*:*:*:*
  • OR cpe:/a:hp:operations_manager:8.16:*:windows:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:hp:operations_manager:8.16:*:windows:*:*:*:*:*
  • OR cpe:/a:hp:operations_manager:7.5:*:windows:*:*:*:*:*
  • OR cpe:/a:hp:operations_manager:8.10:*:windows:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    hp operations manager 7.5
    hp operations manager 8.10
    hp operations manager 8.16
    hp operations manager 8.16
    hp operations manager 7.5
    hp operations manager 8.10