CVE-2010-0447

Currently unrated

Key Information:

Vendor: HP
Status: Openview Performance Insight
Vendor: CVE Published:; 10 March 2010

Summary

The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier does not properly authenticate and validate requests, which allows remote attackers to execute arbitrary commands via vectors involving upload of a JSP document.

References

http://www.securityfocus.com/archive/1/509984/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/38899

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/38611

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 10, 2010
Vulnerability Reserved
Jan 27, 2010