Executive Summary
| Summary | |
|---|---|
| Title | HP Client Automation Enterprise (HPCA) Running on Windows, Remote Execution of Arbitrary Code |
| Informations | |||
|---|---|---|---|
| Name | HPSBMA02644 SSRT100284 | First vendor Publication | 2011-03-14 |
| Vendor | HP | Last vendor Modification | 2011-03-14 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A potential security problem has been identified with HP Client Automation Enterprise software (HPCA) running on Windows. HPCA was formerly known as Radia Notify. This vulnerability could be exploited to allow execution of arbitrary code. |
Original Source
| Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02750690 |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 5 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 71179 | HP Client Automation Enterprise radexecd.exe Remote Code Execution HP Client Automation Enterprise contains a flaw that may allow a remote attacker to execute arbitrary code. No further details have been provided. |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2011-09-12 | Name : The HP Client Automation service on the remote port can run commands on the l... File : hpca_command_execution.nasl - Type : ACT_ATTACK |
