The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability note CVE-2012-2019 CVE-2012-2020

HP Operations Agent, Performance Agent: code execution

Synthesis of the vulnerability

A remote attacker can use two vulnerabilities of HP Operations Agent and HP Performance Agent, in order to execute code.
Vulnerable software: OpenView, OpenView Operations, HP Operations, Performance Center.
Severity of this announce: 3/4.
Consequences of an intrusion: privileged access/rights.
Attacker's origin: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/07/2012.
Revisions dates: 13/07/2012, 23/07/2012.
Références of this computer vulnerability: BID-54362, c03397769, CERTA-2012-AVI-374, CVE-2012-2019, CVE-2012-2020, HPSBMU02796, SSRT100594, SSRT100595, VIGILANCE-VUL-11749, ZDI-12-114, ZDI-12-115, ZDI-CAN-1325, ZDI-CAN-1326.

Description of the vulnerability

Two vulnerabilities were announced in HP Operations Agent and HP Performance Agent.

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x34, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2019, SSRT100594, ZDI-12-114, ZDI-CAN-1325]

An unauthenticated attacker can use a GET query with a parameter with a large integer value for Opcode 0x8C, in order to generate a buffer overflow in coda.exe. [severity:3/4; CVE-2012-2020, SSRT100595, ZDI-12-115, ZDI-CAN-1326]

A remote attacker can therefore use two vulnerabilities of HP Operations/Performance Agent, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides networks vulnerabilities announces. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.