CVE-2011-4791 Information

Description

DBServer.exe in HP Data Protector Media Operations 6.11 and earlier allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field.

Reference

http://www.securityfocus.com/archive/1/521472 http://zerodayinitiative.com/advisories/ZDI-11-112/