CVE-2012-3253

critical

Published 2012-08-30 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer overflow and heap-based buffer overflow in img.exe for a crafted message packet.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: hp-security-alert@hp.com — http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03473459

Application impact

Vendor	Product	Versions	Fixed
hp	intelligent_management_center	`{"endIncluding":"5.0"}`
hp	intelligent_management_center	`5.0`

References

http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03473459
http://zerodayinitiative.com/advisories/ZDI-12-164/
http://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03473459
http://zerodayinitiative.com/advisories/ZDI-12-164/

Verify integrity in audit chain (admin only). AS-IS.