CVE-2011-3156
HP Data Protector Notebook Extension (and Data Protector for Personal Computers) module exposes a DPNECentral web service (dpnepolicyservice) with a LogClientInstallation method vulnerable to input validation flaws. The ZDI advisory describes remote arbitrary-code execution via the userid field i...