Vulnerabilities related to hp - power_manager
Vulnerability from fkie_nvd
Published
2009-11-06 15:30
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "F088CA39-C40B-4C1A-9009-23B3AFF0CC07", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el formulario de login en el servidor de gesti\u00f3n web en HP Power Manager permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante la variable \"Login\"." } ], "id": "CVE-2009-2685", "lastModified": "2025-04-09T00:30:58.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2009-11-06T15:30:00.420", "references": [ { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37276" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1023140" }, { "source": "cve@mitre.org", "url": "http://www.osvdb.org/59684" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/507708/100/0/threaded" }, { 
"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/36933" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3154" }, { "source": "cve@mitre.org", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37276" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023140" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/59684" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/507708/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/36933" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-01-20 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * | |
hp | power_manager | 4.2.5 | |
hp | power_manager | 4.2.6 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD5EF900-BB09-4E23-8A17-6B9479A736C0", "versionEndIncluding": "4.2.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCCE8F58-E1A8-4DFA-80B1-32BECDAF1811", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4CA6CE-AF65-41E9-829D-1582E53086F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter." }, { "lang": "es", "value": "Desbordamiento de pila basado en b\u00fafer en goform/formExportDataLogs en HP Power Manager en versiones anteriores a v4.2.10 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un par\u00e1metro largo \"fileName\"." 
} ], "id": "CVE-2009-3999", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-01-20T22:30:00.367", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37280" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2009-47/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://securityreason.com/securityalert/8482" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://securitytracker.com/id?1023470" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/37867" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/secunia_research/2009-47/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8482" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023470" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37867" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-02-09 01:00
Modified
2025-04-11 00:51
Severity ?
Summary
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * | |
hp | power_manager | 4.2.5 | |
hp | power_manager | 4.2.6 | |
hp | power_manager | 4.2.7 | |
hp | power_manager | 4.2.8 | |
hp | power_manager | 4.2.9 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63F6F47C-2BD0-4523-9CE9-2DF813DAD007", "versionEndIncluding": "4.3.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCCE8F58-E1A8-4DFA-80B1-32BECDAF1811", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4CA6CE-AF65-41E9-829D-1582E53086F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "6710514E-9885-4B85-9491-2760C4038C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "4EF7306F-BFC5-479E-B4AF-4DCAE01FE3F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "41DC512A-EE43-4690-9F0C-38A1E5E0FFBA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts." }, { "lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n en sitios cruzados (CSRF) en HP Power Manager (HPPM) v4.3.2 y anteriores, permite a atacantes remotos secuestrar la autenticaci\u00f3n de los administradores durante las peticiones de creaci\u00f3n de nuevas cuentas administrativas." 
} ], "id": "CVE-2011-0277", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-02-09T01:00:09.307", "references": [ { "source": "hp-security-alert@hp.com", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "source": "hp-security-alert@hp.com", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "source": "hp-security-alert@hp.com", "url": "http://osvdb.org/70836" }, { "source": "hp-security-alert@hp.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43058" }, { "source": "hp-security-alert@hp.com", "url": "http://www.securityfocus.com/bid/46258" }, { "source": "hp-security-alert@hp.com", "url": "http://www.securitytracker.com/id?1025032" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/70836" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46258" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025032" } ], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-352" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2011-03-14 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * | |
hp | power_manager | 4.2.5 | |
hp | power_manager | 4.2.6 | |
hp | power_manager | 4.2.7 | |
hp | power_manager | 4.2.8 | |
hp | power_manager | 4.2.9 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "63F6F47C-2BD0-4523-9CE9-2DF813DAD007", "versionEndIncluding": "4.3.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCCE8F58-E1A8-4DFA-80B1-32BECDAF1811", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4CA6CE-AF65-41E9-829D-1582E53086F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "6710514E-9885-4B85-9491-2760C4038C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "4EF7306F-BFC5-479E-B4AF-4DCAE01FE3F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "41DC512A-EE43-4690-9F0C-38A1E5E0FFBA", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information." }, { "lang": "es", "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en HP Power Manager(HPPM)v4.3.2 y anteriores, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s de los par\u00e1metros (1) logType de Contents/exportlogs.asp, (2) Id de Contents/pagehelp.asp, o (3) SORTORD o(4) SORTCOL de Contents/applicationlogs.asp.\r\nNOTA : algunos de estos detalles han sido obtenidos de informaci\u00f3n de terceros ." 
} ], "id": "CVE-2011-0280", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2011-03-14T19:55:00.697", "references": [ { "source": "hp-security-alert@hp.com", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "source": "hp-security-alert@hp.com", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "source": "hp-security-alert@hp.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43058" }, { "source": "hp-security-alert@hp.com", "url": "http://www.securityfocus.com/bid/46830" }, { "source": "hp-security-alert@hp.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/43058" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46830" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" } ], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": 
"en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-01-20 22:30
Modified
2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * | |
hp | power_manager | 4.2.5 | |
hp | power_manager | 4.2.6 | |
hp | power_manager | 4.2.7 | |
hp | power_manager | 4.2.8 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD5EF900-BB09-4E23-8A17-6B9479A736C0", "versionEndIncluding": "4.2.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCCE8F58-E1A8-4DFA-80B1-32BECDAF1811", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4CA6CE-AF65-41E9-829D-1582E53086F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "6710514E-9885-4B85-9491-2760C4038C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "4EF7306F-BFC5-479E-B4AF-4DCAE01FE3F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter." }, { "lang": "es", "value": "Vulnerabilidad de salto de directorio en goform/formExportDataLogs en HP Power Manager en versiones anteriores a v4.2.10 permite a atacantes remotos sobrescribir ficheros de forma arbitraria, y ejecutar c\u00f3digo arbitrario, a trav\u00e9s de secuencia de salto de directorio en el par\u00e1metro \"fileName\"." 
} ], "id": "CVE-2009-4000", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-01-20T22:30:00.413", "references": [ { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37280" }, { "source": "PSIRT-CNA@flexerasoftware.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/secunia_research/2009-48/" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://securitytracker.com/id?1023470" }, { "source": "PSIRT-CNA@flexerasoftware.com", "url": "http://www.securityfocus.com/bid/37873" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37280" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/secunia_research/2009-48/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023470" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37873" } ], "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-22" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2010-12-22 21:00
Modified
2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
hp | power_manager | * | |
hp | power_manager | 4.2.5 | |
hp | power_manager | 4.2.6 | |
hp | power_manager | 4.2.7 | |
hp | power_manager | 4.2.8 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:hp:power_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD5EF900-BB09-4E23-8A17-6B9479A736C0", "versionEndIncluding": "4.2.9", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCCE8F58-E1A8-4DFA-80B1-32BECDAF1811", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F4CA6CE-AF65-41E9-829D-1582E53086F5", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "6710514E-9885-4B85-9491-2760C4038C58", "vulnerable": true }, { "criteria": "cpe:2.3:a:hp:power_manager:4.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "4EF7306F-BFC5-479E-B4AF-4DCAE01FE3F5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en HP Power Manager (HPPM) anterior a versi\u00f3n 4.3.2, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una variable Login larga en el servidor web de administraci\u00f3n." 
} ], "id": "CVE-2010-4113", "lastModified": "2025-04-11T00:51:21.963", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2010-12-22T21:00:18.303", "references": [ { "source": "hp-security-alert@hp.com", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "source": "hp-security-alert@hp.com", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "source": "hp-security-alert@hp.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42644" }, { "source": "hp-security-alert@hp.com", "url": "http://www.securitytracker.com/id?1024902" }, { "source": "hp-security-alert@hp.com", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/42644" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1024902" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/" } ], 
"sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Deferred", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
CVE-2010-4113 (GCVE-0-2010-4113)
Vulnerability from cvelistv5
Published
2010-12-22 20:00
Modified
2024-08-07 03:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server.
References
URL | Tags | |
---|---|---|
http://www.securitytracker.com/id?1024902 | vdb-entry, x_refsource_SECTRACK | |
http://marc.info/?l=bugtraq&m=129251322532373&w=2 | vendor-advisory, x_refsource_HP | |
http://www.zerodayinitiative.com/advisories/ZDI-10-292/ | x_refsource_MISC | |
http://marc.info/?l=bugtraq&m=129251322532373&w=2 | vendor-advisory, x_refsource_HP | |
http://secunia.com/advisories/42644 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T03:34:37.356Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1024902", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1024902" }, { "name": "HPSBMA02545", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/" }, { "name": "SSRT100139", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "name": "42644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/42644" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-12-15T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-01-11T10:00:00", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp" }, "references": [ { "name": "1024902", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1024902" }, { "name": "HPSBMA02545", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/" }, { "name": "SSRT100139", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "name": "42644", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/42644" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2010-4113", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execute arbitrary code via a long Login variable to the management web server." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1024902", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024902" }, { "name": "HPSBMA02545", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-10-292/" }, { "name": "SSRT100139", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=129251322532373\u0026w=2" }, { "name": "42644", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42644" } ] } } } }, "cveMetadata": { "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2010-4113", "datePublished": "2010-12-22T20:00:00", "dateReserved": "2010-10-27T00:00:00", "dateUpdated": "2024-08-07T03:34:37.356Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-2685 (GCVE-0-2009-2685)
Vulnerability from cvelistv5
Published
2009-11-06 15:00
Modified
2024-08-07 05:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable.
References
URL | Tags | |
---|---|---|
http://www.osvdb.org/59684 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/36933 | vdb-entry, x_refsource_BID | |
http://www.vupen.com/english/advisories/2009/3154 | vdb-entry, x_refsource_VUPEN | |
http://marc.info/?l=bugtraq&m=125744000032141&w=2 | vendor-advisory, x_refsource_HP | |
http://www.securityfocus.com/archive/1/507708/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://secunia.com/advisories/37276 | third-party-advisory, x_refsource_SECUNIA | |
http://marc.info/?l=bugtraq&m=125744000032141&w=2 | vendor-advisory, x_refsource_HP | |
http://www.zerodayinitiative.com/advisories/ZDI-09-081/ | x_refsource_MISC | |
http://securitytracker.com/id?1023140 | vdb-entry, x_refsource_SECTRACK |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T05:59:56.934Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "59684", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/59684" }, { "name": "36933", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/36933" }, { "name": "ADV-2009-3154", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3154" }, { "name": "HPSBMA02474", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "name": "20091105 ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/507708/100/0/threaded" }, { "name": "37276", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37276" }, { "name": "SSRT090107", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/" }, { "name": "1023140", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023140" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-11-04T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the login form in the management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "59684", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/59684" }, { "name": "36933", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/36933" }, { "name": "ADV-2009-3154", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3154" }, { "name": "HPSBMA02474", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "name": "20091105 ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/507708/100/0/threaded" }, { "name": "37276", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37276" }, { "name": "SSRT090107", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/" }, { "name": "1023140", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023140" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-2685", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the login form in the 
management web server in HP Power Manager allows remote attackers to execute arbitrary code via the Login variable." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "59684", "refsource": "OSVDB", "url": "http://www.osvdb.org/59684" }, { "name": "36933", "refsource": "BID", "url": "http://www.securityfocus.com/bid/36933" }, { "name": "ADV-2009-3154", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3154" }, { "name": "HPSBMA02474", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "name": "20091105 ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/507708/100/0/threaded" }, { "name": "37276", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37276" }, { "name": "SSRT090107", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=125744000032141\u0026w=2" }, { "name": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-09-081/" }, { "name": "1023140", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023140" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-2685", "datePublished": "2009-11-06T15:00:00", "dateReserved": "2009-08-05T00:00:00", "dateUpdated": "2024-08-07T05:59:56.934Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-0280 (GCVE-0-2011-0280)
Vulnerability from cvelistv5
Published
2011-03-14 19:00
Modified
2024-08-06 21:51
CWE
- n/a
Summary
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information.
References
▼ | URL | Tags |
---|---|---|
https://exchange.xforce.ibmcloud.com/vulnerabilities/66035 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/46830 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/43058 | third-party-advisory, x_refsource_SECUNIA | |
http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html | vendor-advisory, x_refsource_HP | |
http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html | vendor-advisory, x_refsource_HP |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:51:07.673Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "powermanager-unspecified-xss(66035)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" }, { "name": "46830", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/46830" }, { "name": "43058", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43058" }, { "name": "HPSBMA02629", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "name": "SSRT100381", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-03-10T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp" }, "references": [ { "name": "powermanager-unspecified-xss(66035)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" }, { "name": "46830", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/46830" }, { "name": "43058", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43058" }, { "name": "HPSBMA02629", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "name": "SSRT100381", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2011-0280", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Contents/exportlogs.asp, (2) the Id parameter to Contents/pagehelp.asp, or the (3) SORTORD or (4) SORTCOL parameter to Contents/applicationlogs.asp. NOTE: some of these details are obtained from third party information." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "powermanager-unspecified-xss(66035)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/66035" }, { "name": "46830", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46830" }, { "name": "43058", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43058" }, { "name": "HPSBMA02629", "refsource": "HP", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" }, { "name": "SSRT100381", "refsource": "HP", "url": "http://archives.neohapsis.com/archives/bugtraq/2011-03/0111.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2011-0280", "datePublished": "2011-03-14T19:00:00", "dateReserved": "2010-12-23T00:00:00", "dateUpdated": "2024-08-06T21:51:07.673Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-3999 (GCVE-0-2009-3999)
Vulnerability from cvelistv5
Published
2010-01-20 22:00
Modified
2024-08-07 06:45
CWE
- n/a
Summary
Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/secunia_research/2009-47/ | x_refsource_MISC | |
http://securityreason.com/securityalert/8482 | third-party-advisory, x_refsource_SREASON | |
http://secunia.com/advisories/37280 | third-party-advisory, x_refsource_SECUNIA | |
http://marc.info/?l=bugtraq&m=126393370331959&w=2 | vendor-advisory, x_refsource_HP | |
http://securitytracker.com/id?1023470 | vdb-entry, x_refsource_SECTRACK | |
http://marc.info/?l=bugtraq&m=126393370331959&w=2 | vendor-advisory, x_refsource_HP | |
http://www.securityfocus.com/bid/37867 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:45:50.879Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2009-47/" }, { "name": "8482", "tags": [ "third-party-advisory", "x_refsource_SREASON", "x_transferred" ], "url": "http://securityreason.com/securityalert/8482" }, { "name": "37280", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37280" }, { "name": "HPSBMA02485", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37867", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37867" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2012-02-14T10:00:00", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2009-47/" }, { "name": "8482", "tags": [ "third-party-advisory", "x_refsource_SREASON" ], "url": "http://securityreason.com/securityalert/8482" }, { "name": "37280", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37280" }, { "name": "HPSBMA02485", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37867", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37867" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2009-3999", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://secunia.com/secunia_research/2009-47/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2009-47/" }, { "name": "8482", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8482" }, { "name": "37280", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37280" }, { "name": "HPSBMA02485", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37867", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37867" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2009-3999", "datePublished": "2010-01-20T22:00:00", "dateReserved": "2009-11-19T00:00:00", "dateUpdated": "2024-08-07T06:45:50.879Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2009-4000 (GCVE-0-2009-4000)
Vulnerability from cvelistv5
Published
2010-01-20 22:00
Modified
2024-09-16 17:09
CWE
- n/a
Summary
Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.
References
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/37280 | third-party-advisory, x_refsource_SECUNIA | |
http://secunia.com/secunia_research/2009-48/ | x_refsource_MISC | |
http://marc.info/?l=bugtraq&m=126393370331959&w=2 | vendor-advisory, x_refsource_HP | |
http://securitytracker.com/id?1023470 | vdb-entry, x_refsource_SECTRACK | |
http://marc.info/?l=bugtraq&m=126393370331959&w=2 | vendor-advisory, x_refsource_HP | |
http://www.securityfocus.com/bid/37873 | vdb-entry, x_refsource_BID |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:45:50.994Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "37280", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37280" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://secunia.com/secunia_research/2009-48/" }, { "name": "HPSBMA02485", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37873", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37873" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2010-01-20T22:00:00Z", "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "shortName": "flexera" }, "references": [ { "name": "37280", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37280" }, { "tags": [ "x_refsource_MISC" ], "url": "http://secunia.com/secunia_research/2009-48/" }, { "name": "HPSBMA02485", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37873", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37873" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", "ID": "CVE-2009-4000", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "37280", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37280" }, { "name": "http://secunia.com/secunia_research/2009-48/", "refsource": "MISC", "url": "http://secunia.com/secunia_research/2009-48/" }, { "name": "HPSBMA02485", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "1023470", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023470" }, { "name": "SSRT090252", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=126393370331959\u0026w=2" }, { "name": "37873", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37873" } ] } } } }, "cveMetadata": { "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab", "assignerShortName": "flexera", "cveId": "CVE-2009-4000", "datePublished": "2010-01-20T22:00:00Z", "dateReserved": "2009-11-19T00:00:00Z", "dateUpdated": "2024-09-16T17:09:00.730Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2011-0277 (GCVE-0-2011-0277)
Vulnerability from cvelistv5
Published
2011-02-09 00:00
Modified
2024-08-06 21:51
CWE
- n/a
Summary
Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id?1025032 | vdb-entry, x_refsource_SECTRACK | |
http://osvdb.org/70836 | vdb-entry, x_refsource_OSVDB | |
http://www.securityfocus.com/bid/46258 | vdb-entry, x_refsource_BID | |
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131 | vendor-advisory, x_refsource_HP | |
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131 | vendor-advisory, x_refsource_HP | |
http://secunia.com/advisories/43058 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:51:07.748Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1025032", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id?1025032" }, { "name": "70836", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/70836" }, { "name": "46258", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/46258" }, { "name": "SSRT100381", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "HPSBMA02629", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "43058", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/43058" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2011-02-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2011-02-17T10:00:00", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp" }, "references": [ { "name": "1025032", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id?1025032" }, { "name": "70836", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/70836" }, { "name": "46258", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/46258" }, { "name": "SSRT100381", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "HPSBMA02629", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "43058", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/43058" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2011-0277", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cross-site request forgery (CSRF) vulnerability in HP Power Manager (HPPM) 4.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1025032", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025032" }, { "name": "70836", "refsource": "OSVDB", "url": "http://osvdb.org/70836" }, { "name": "46258", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46258" }, { "name": "SSRT100381", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "HPSBMA02629", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02711131" }, { "name": "43058", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/43058" } ] } } } }, "cveMetadata": { "assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2011-0277", "datePublished": "2011-02-09T00:00:00", "dateReserved": "2010-12-23T00:00:00", "dateUpdated": "2024-08-06T21:51:07.748Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }