TippingPoint's Zero Day Initiative (ZDI) has published an advisory for a remote pre authentication stack buffer overflow vulnerability in the Hewlett-Packard Application Recovery Manager which leads to arbitrary code execution. This vulnerability was discovered by Stephen Fewer of Harmony Security.
You can read the full ZDI advisory here:
And the HP advisory here:
Interestingly, HP only report this as a remote Denial of Service vulnerability while both ZDI and Harmony Security have confirmed it as a remote code execution vulnerability.