Added: 10/07/2010
CVE: CVE-2010-3007
BID: 43105
OSVDB: 67973
HP Data Protector Express is a backup and recovery solution for single machines and small networks.
A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute arbitrary commands.
Apply the patch referenced in HP Security Bulletin HPSBMA02576 SSRT090231.
<http://www.zerodayinitiative.com/advisories/ZDI-10-174/>
Exploit works on HP Data Protector Express 3.5 Build 37634.
Windows