CVE-2011-0924
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2011-0924
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds.sh.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
HP Data Protector客户端任意脚本代码执行漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
HP Data Protector 是一款成熟的企业级数据保护平台,可不受距离限制通过磁盘或磁带自动执行高性能备份和恢复。 HP Data Protector中的客户端没有验证和EXEC_CMD命令有关的文件内容。远程攻击者可以通过提供带有信任文件名称的脚本代码,从而执行任意脚本代码。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2011-0924
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2011-0924
请登录查看更多情报信息。
Vendor Advisories for CVE-2011-0924 (4)
- http://zerodayinitiative.com/advisories/ZDI-11-054/x_refsource_MISC
Mailing List Discussions for CVE-2011-0924 (1)
Security Blog Posts for CVE-2011-0924 (1)
- http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-hpx_refsource_MISC
Same Patch Batch · n/a · 2011-02-09 · 15 CVEs total
| CVE-2011-0030 | Microsoft Windows多个平台CSRSS本地权限提升漏洞 | |
| CVE-2011-0031 | Microsoft Windows多个平台脚本引擎信息泄露漏洞 | |
| CVE-2011-0039 | Microsoft Windows多个平台LSASS长度验证漏洞 | |
| CVE-2011-0040 | Microsoft Active Directory服务器SPN输入验证漏洞 | |
| CVE-2011-0045 | Microsoft Windows XP内核整数截断本地权限提升漏洞 | |
| CVE-2011-0086 | Microsoft Windows多个平台win32k错误用户输入验证漏洞 | |
| CVE-2011-0087 | Microsoft Windows多个平台win32k不充足用户输入验证漏洞 | |
| CVE-2011-0088 | Microsoft Windows多个平台win32k窗口类指针混淆漏洞 | |
| CVE-2011-0089 | Microsoft Windows多个平台win32k窗口类错误指针验证漏洞 | |
| CVE-2011-0090 | Microsoft Windows多个平台win32k内存破坏漏洞 | |
| CVE-2011-0277 | HP Power Manager跨站请求伪造漏洞 | |
| CVE-2011-0921 | HP Data Protector客户端Cell Manager Service crs.exe任意代码执行漏洞 | |
| CVE-2011-0922 | HP Data Protector客户端设计错误漏洞 | |
| CVE-2011-0923 | HP Data Protector客户端任意Perl代码执行漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
V. Comments for CVE-2011-0924
No comments yet