HP Data Protector Express is a backup and recovery solution for single machines and small networks.
A stack overflow vulnerability exists in dpwindtb.dll: parameters to Opcode 0x320 requests are not sufficiently validated. A remote unauthenticated attacker may exploit this vulnerability to gain code execution on the target system.
Apply the patch referenced in HP Security Bulletin HPSBMU02746 SSRT100781.
This exploit has been tested against HP Data Protector Express 6.0.00.11974 on Windows XP SP3 English (DEP OptIn).