Vulnerability CVE-2009-0714
Published: 2009-05-14   Modified: 2012-02-13

Description:
Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
HP -> Data protector express 

 References:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543
http://ivizsecurity.com/security-advisory-iviz-sr-09002.html
http://www.securityfocus.com/bid/34955
http://www.securitytracker.com/id?1022220
http://www.vupen.com/english/advisories/2009/1309
https://www.exploit-db.com/exploits/9006
https://www.exploit-db.com/exploits/9007
Copyright 2024, cxsecurity.com

 

Back to Top