1. CVE-Search
  2. CVE-2009-0714
ID CVE-2009-0714
Summary Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*
    cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*
  • cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
    cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:data_protector_express:3.5:sp1:*:*:*:*:*:*
    cpe:2.3:a:hp:data_protector_express:3.5:sp1:*:*:*:*:*:*
  • cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:*:*:*:*
    cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:*:*:*:*
  • cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:sse:*:*:*
    cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:sse:*:*:*
  • cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:sse:*:*:*
    cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:sse:*:*:*
CVSS
Base: 7.2 (as of 09-10-2019 - 22:58)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 34955
exploit-db
  • 9006
  • 9007
hp
  • HPSBMA02417
  • SSRT090031
misc http://ivizsecurity.com/security-advisory-iviz-sr-09002.html
sectrack 1022220
secunia 35084
vupen ADV-2009-1309
Last major update 09-10-2019 - 22:58
Published 14-05-2009 - 17:30
Last modified 09-10-2019 - 22:58
Back to Top