Remote Code Execution Vulnerability in Wyse Device Manager by Wyse Technology
CVE-2009-0693

Currently unrated

Key Information:

Vendor

Dell
Status
Wyse Device Manager
Vendor
CVE Published:
19 June 2012

What is CVE-2009-0693?

Multiple buffer overflow vulnerabilities present in Wyse Device Manager (WDM) version 4.7.x enable remote attackers to gain unauthorized execution of arbitrary code. Exploitation can occur through the manipulation of the User-Agent HTTP header targeting hserver.dll, as well as via unspecified inputs directed at hagent.exe. This exposure underscores critical security considerations for users relying on Wyse Device Manager for device management.

References

http://www.wyse.com/serviceandsupport/Wyse%20Security%20B...
x_refsource_MISC
http://www.kb.cert.org/vuls/id/654545
third-party-advisoryx_refsource_CERT-VN
http://archives.neohapsis.com/archives/fulldisclosure/200...
mailing-listx_refsource_FULLDISC

EPSS Score

23% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.