HP Data Protector Express Opcode 0x320 Overflow

Added: 07/23/2012
CVE: CVE-2012-0121
BID: 52431
OSVDB: 80102

Background

HP Data Protector Express is a backup and recovery solution for single machines and small networks.

Problem

A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not sufficiently validated. A remote unauthenticated attacker may exploit this vulnerability to gain execution access on the target system.

Resolution

Apply the patch referenced in HP Security Bulletin HPSBMU02746 SSRT100781.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-097/

Limitations

This exploit has been tested against HP Data Protector Express 6.0.00.11974 on Windows XP SP3 English (DEP OptIn).

Platforms

Windows

Back to exploit index