CVE-2009-0714
Summary
| CVE | CVE-2009-0714 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2009-05-14 17:30:00 UTC |
| Updated | 2019-10-09 22:58:00 UTC |
| Description | Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Hp | Data Protector Express | 3.5 | sp1 | All | All |
| Application | Hp | Data Protector Express | 3.5 | sp2 | All | All |
| Application | Hp | Data Protector Express | 3.5 | sp2 | All | All |
| Application | Hp | Data Protector Express | 4.0 | sp1 | All | All |
| Application | Hp | Data Protector Express | 4.0 | sp1 | All | All |
| Application | Hp | Data Protector Express | 3.5 | sp1 | All | All |
| Application | Hp | Data Protector Express | 3.5 | sp2 | All | All |
| Application | Hp | Data Protector Express | 3.5 | sp2 | All | All |
| Application | Hp | Data Protector Express | 4.0 | sp1 | All | All |
| Application | Hp | Data Protector Express | 4.0 | sp1 | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Microsoft | Windows | All | All | All | All |
| Operating System | Novell | Netware | All | All | All | All |
| Operating System | Novell | Netware | All | All | All | All |
| Operating System | Redhat | Linux | All | All | All | All |
| Operating System | Redhat | Linux | All | All | All | All |
| Operating System | Suse | Suse Linux | - | All | All | All |
| Operating System | Suse | Suse Linux | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HP Data Protector Express Lets Local Users Gain Elevated Privileges and Deny Service - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Third Party Advisory |
| HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| HP Data Protector Express Denial of Service and Privilege Escalation - Secunia Advisories - Vulnerability Information - Secunia.com | SECUNIA | secunia.com | Third Party Advisory |
| HPSBMA02417 | HP | h20000.www2.hp.com | Vendor Advisory |
| HP Data Protector Express 'dpwinsup.dll' Privilege Escalation Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service (Metasploit) - Windows dos Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| ivizsecurity.com/security-advisory-iviz-sr-09002.html | MISC | ivizsecurity.com | Broken Link |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.