Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-3999

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2009-3999
Last Modified 13 Feb 2012 10:49:44
Published 20 Jan 2010 05:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-3999

Summary

Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.

Vulnerable Systems

Application

  • Hp Power Manager 4.2.5

  • Hp Power Manager 4.2.6

  • Hp Power Manager 4.2.9


References

BID - 37867

SECTRACK - 1023470

MISC - http://secunia.com/secunia_research/2009-47/

SECUNIA - 37280

HP - SSRT090252

SREASON - 8482

HP - HPSBMA02485


Last Updated: 27 May 2016 10:58:12