CVE-2009-4000

Currently unrated

Key Information:

Vendor: HP
Status: Power Manager
Vendor: CVE Published:; 20 January 2010

Summary

Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.

References

http://secunia.com/advisories/37280

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/secunia_research/2009-48/

x_refsource_MISC

http://marc.info/?l=bugtraq&m=126393370331959&w=2

vendor-advisoryx_refsource_HP

EPSS Score

51% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jan 20, 2010