Intrusion Prevention

HP.AIO.Archive.Query.Server.Oasoa.EXE.Stack.Buffer.Overflow

Description

This indicates an attack attempt against a Stack Buffer Overflow vulnerability in HP Application Information Optimizer.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request to the vulnerable service.

Affected Products

HP Application Information Optimizer 6.2
HP Application Information Optimizer 6.3
HP Application Information Optimizer 6.4
HP Application Information Optimizer 7.0

Impact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected application.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c04041078

CVE References

CVE-2013-6189