|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
iNode Management Center
The specific flaw exists within pmd.exe, which listens by default on TCP port 162. By sending a specially crafted packet to the process, an attacker can provide a size to allocate an undersized buffer which will later be used for a memcpy. This vulnerability will cause a corruption of heap memory and allow for an attacker to execute code under the context of the process.
Hewlett-Packard has issued an update to correct this vulnerability. More details can be found at: