CVE-2014-2626
Summary
| CVE | CVE-2014-2626 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-07-26 15:55:00 UTC |
| Updated | 2017-01-07 02:59:00 UTC |
| Description | Directory traversal vulnerability in the toServerObject function in HP Network Virtualization 8.6 (aka Shunra Network Virtualization) allows remote attackers to create files, and consequently execute arbitrary code, via crafted input, aka ZDI-CAN-2024. |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Network Virtualization | 8.6 | All | All | All |
| Application | Hp | Network Virtualization | 8.6 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HP Network Virtualization Bugs Let Remote Users Obtain Information and Execute Arbitrary Code - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Zero Day Initiative | MISC | zerodayinitiative.com | |
| HPSBMU03073 | HP | h20564.www2.hp.com | Vendor Advisory |
| About Secunia Research | Flexera | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.