{"api_version":"1","generated_at":"2026-04-23T02:36:06+00:00","cve":"CVE-2009-0714","urls":{"html":"https://cve.report/CVE-2009-0714","api":"https://cve.report/api/cve/CVE-2009-0714.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2009-0714","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2009-0714"},"summary":{"title":"CVE-2009-0714","description":"Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.","state":"PUBLISHED","assigner":"mitre","published_at":"2009-05-14 17:30:00","updated_at":"2026-04-23 00:35:47"},"problem_types":["NVD-CWE-noinfo","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.securitytracker.com/id?1022220","name":"http://www.securitytracker.com/id?1022220","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"HP Data Protector Express Lets Local Users Gain Elevated Privileges and Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://www.securityfocus.com/bid/34955","name":"http://www.securityfocus.com/bid/34955","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"HP Data Protector Express 'dpwinsup.dll' Privilege Escalation Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.vupen.com/english/advisories/2009/1309","name":"http://www.vupen.com/english/advisories/2009/1309","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/9006","name":"https://www.exploit-db.com/exploits/9006","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"],"title":"HP Data Protector 4.00-SP1b43064 Remote Memory Leak/Dos Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/9007","name":"https://www.exploit-db.com/exploits/9007","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"],"title":"HP Data Protector 4.00-SP1b43064 - Remote Memory Leak/Denial of Service (Metasploit) - Windows dos Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543","name":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"-1","archivestatus":"404"},{"url":"http://secunia.com/advisories/35084","name":"http://secunia.com/advisories/35084","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"],"title":"HP Data Protector Express Denial of Service and Privilege Escalation - Secunia Advisories - Vulnerability Information - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html","name":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"],"title":"","mime":"text/html","httpstatus":"-1","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2009-0714","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-0714","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2009","cve_id":"714","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"data_protector_express","cpe6":"3.5","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"data_protector_express","cpe6":"3.5","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"data_protector_express","cpe6":"3.5","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"sse","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"data_protector_express","cpe6":"4.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hp","cpe5":"data_protector_express","cpe6":"4.0","cpe7":"sp1","cpe8":"*","cpe9":"*","cpe10":"sse","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"microsoft","cpe5":"windows","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"novell","cpe5":"netware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"linux","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2009","cve_id":"714","vulnerable":"0","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"suse_linux","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T04:48:51.687Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1022220","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1022220"},{"name":"HPSBMA02417","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"SSRT090031","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"9007","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/9007"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html"},{"name":"35084","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/35084"},{"name":"34955","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/34955"},{"name":"ADV-2009-1309","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/1309"},{"name":"9006","tags":["exploit","x_refsource_EXPLOIT-DB","x_transferred"],"url":"https://www.exploit-db.com/exploits/9006"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-05-13T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-09-28T12:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"1022220","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1022220"},{"name":"HPSBMA02417","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"SSRT090031","tags":["vendor-advisory","x_refsource_HP"],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"9007","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/9007"},{"tags":["x_refsource_MISC"],"url":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html"},{"name":"35084","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/35084"},{"name":"34955","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/34955"},{"name":"ADV-2009-1309","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/1309"},{"name":"9006","tags":["exploit","x_refsource_EXPLOIT-DB"],"url":"https://www.exploit-db.com/exploits/9006"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2009-0714","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1022220","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1022220"},{"name":"HPSBMA02417","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"SSRT090031","refsource":"HP","url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01697543"},{"name":"9007","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/9007"},{"name":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html","refsource":"MISC","url":"http://ivizsecurity.com/security-advisory-iviz-sr-09002.html"},{"name":"35084","refsource":"SECUNIA","url":"http://secunia.com/advisories/35084"},{"name":"34955","refsource":"BID","url":"http://www.securityfocus.com/bid/34955"},{"name":"ADV-2009-1309","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2009/1309"},{"name":"9006","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/9006"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2009-0714","datePublished":"2009-05-14T17:00:00.000Z","dateReserved":"2009-02-24T00:00:00.000Z","dateUpdated":"2024-08-07T04:48:51.687Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2009-05-14 17:30:00","lastModifiedDate":"2026-04-23 00:35:47","problem_types":["NVD-CWE-noinfo","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":true,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*","matchCriteriaId":"2CF61F35-5905-4BA9-AD7E-7DB261D2F256"},{"vulnerable":false,"criteria":"cpe:2.3:o:novell:netware:*:*:*:*:*:*:*:*","matchCriteriaId":"BF45C68A-5F83-4090-A0C1-A09EC2987706"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:linux:*:*:*:*:*:*:*:*","matchCriteriaId":"B133DAC8-2B0D-4F83-9025-AD071740187A"},{"vulnerable":false,"criteria":"cpe:2.3:o:suse:suse_linux:-:*:*:*:*:*:*:*","matchCriteriaId":"1FB65EF0-0E6A-4178-8564-3CC96891A072"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hp:data_protector_express:3.5:sp1:*:*:*:*:*:*","matchCriteriaId":"0B416366-2680-41E2-ABF9-5CD8D89C7FBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:*:*:*:*","matchCriteriaId":"3F5B5D2E-4692-4DA5-805E-B449CFD9DA5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:data_protector_express:3.5:sp2:*:*:sse:*:*:*","matchCriteriaId":"95F46633-43B3-416F-89CC-EA6A03EFAA4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:*:*:*:*","matchCriteriaId":"AED70E63-BA67-4A68-A121-C3E80F2D1EF0"},{"vulnerable":true,"criteria":"cpe:2.3:a:hp:data_protector_express:4.0:sp1:*:*:sse:*:*:*","matchCriteriaId":"4D5B564A-E034-4E65-BCF9-224CBB175F98"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2009","CveId":"714","Ordinal":"1","Title":"CVE-2009-0714","CVE":"CVE-2009-0714","Year":"2009"},"notes":[{"CveYear":"2009","CveId":"714","Ordinal":"1","NoteData":"Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets.","Type":"Description","Title":"CVE-2009-0714"},{"CveYear":"2009","CveId":"714","Ordinal":"2","NoteData":"2009-05-14","Type":"Other","Title":"Published"},{"CveYear":"2009","CveId":"714","Ordinal":"3","NoteData":"2017-09-28","Type":"Other","Title":"Modified"}]}}}