Denial of Service Vulnerability in HP Data Protector Express
CVE-2009-0714

Currently unrated

Key Information:

Vendor: HP
Status: Data Protector Express
Vendor: CVE Published:; 14 May 2009

Summary

An unspecified vulnerability exists in the dpwinsup module (dpwinsup.dll) of HP Data Protector Express and Express SSE. This vulnerability allows remote attackers to induce denial of service conditions, potentially causing application crashes or enabling access to sensitive memory contents through the delivery of specially crafted packets. Affected versions include Data Protector Express 3.x prior to build 47065 and Data Protector Express SSE 3.x prior to the same threshold, along with versions 4.x before build 46537.

References

http://www.securitytracker.com/id?1022220

vdb-entryx_refsource_SECTRACK

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

http://h20000.www2.hp.com/bizsupport/TechSupport/Document...

vendor-advisoryx_refsource_HP

EPSS Score

85% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 14, 2009
Vulnerability Reserved
Feb 24, 2009