Lucene search
SAINT CorporationSAINT:699D988D2AA5AD3BB1ED187EFFE68D9EHistoryOct 07, 2010 - 12:00 a.m.
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-0700:00:00
SAINT Corporation
www.saintcorporation.com
16
0.843 High
EPSS
Percentile
98.2%
Added: 10/07/2010
CVE: CVE-2010-3007
BID: 43105
OSVDB: 67973
Background
HP Data Protector Express is a backup and recovery solution for single machines and small networks.
Problem
A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute arbitrary commands.
Resolution
Apply the patch referenced in HP Security Bulletin HPSBMA02576 SSRT090231.
References
<http://www.zerodayinitiative.com/advisories/ZDI-10-174/>
Limitations
Exploit works on HP Data Protector Express 3.5 Build 37634.
Platforms
Windows
Related
saint
saint
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
prion
prion
Code injection
2010-09-09 22:00:00
Code injection
2010-09-13 21:00:00
zdi
zdi
packetstorm
packetstorm
HP Data Protector DtbClsLogin Buffer Overflow
2012-12-12 00:00:00
cvelist
cvelist
CVE-2010-3007
2022-10-03 16:20:55
CVE-2010-3008
2022-10-03 16:20:54
checkpoint_advisories
checkpoint_advisories
HP Data Protector Express DtbClsLogin Stack Buffer Overflow (CVE-2010-3007)
2010-10-05 00:00:00
securityvulns
securityvulns
ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability
2010-09-17 00:00:00
HP Data Protector Express privilege escalation
2010-09-17 00:00:00
cve
cve
CVE-2010-3007
2010-09-09 22:00:00
CVE-2010-3008
2010-09-13 21:00:00
nessus
nessus