Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0693

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-0693
Last Modified 20 Jun 2012 12:00:00
Published 19 Jun 2012 04:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0693

Summary

Multiple buffer overflows in Wyse Device Manager (WDM) 4.7.x allow remote attackers to execute arbitrary code via (1) the User-Agent HTTP header to hserver.dll or (2) unspecified input to hagent.exe.

Vulnerable Systems

Application

  • Dell Wyse Device Manager 4.7.0

  • Dell Wyse Device Manager 4.7.1

  • Dell Wyse Device Manager 4.7.2


References

CERT-VN - VU#654545

MISC - http://www.wyse.com/serviceandsupport/Wyse%20Security%20Bulletin%20WSB09-01.pdf

MISC - http://www.theregister.co.uk/2009/07/10/wyse_remote_exploit_bugs/

FULLDISC - 20090710 'Secure' Wyse thin clients vulnerable to remote exploit bugs


Last Updated: 27 May 2016 10:56:32