CVE-2012-3274

HP IMC <5.1 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via vectors related to log data.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/41710

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by e6af8de8b1d4b2b6d5ba2610cbf9cd38, sinn3r, juan vazquez · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_imc_uam.rb

View Code ZIP pw:eip

References (2)

[Third Party Advisory] http://zerodayinitiative.com/advisories/ZDI-12-171/

[Various Sources] https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03589863

Scores

EPSS 0.7343

EPSS Percentile 98.8%

Details

CWE

CWE-119

Status published

Products (2)

hp/intelligent_management_center 5.0 (6 CPE variants)

hp/intelligent_management_center < 5.1

Published Dec 06, 2012

Tracked Since Feb 18, 2026