HP Device Access Manager Memory Corruption
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2011-4162
Date du conseil: 21 juillet 2015
Description
The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless methods in HP Protect Tools Device Access Manager (PTDAM) before 6.1.0.1 allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a long SidString argument.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1004869
Trend Micro Deep Security DPI Rule Name: 1004869 - HP Device Access Manager Memory Corruption
Affected software and version:
- hp protecttools_device_access_manager 6.0.0.10
- hp protecttools_device_access_manager 6.0.0.12
- hp protecttools_device_access_manager 6.0.0.9