CVE-2011-1736

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 7 May 2011

Summary

Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.

References

http://www.securityfocus.com/archive/1/517772/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://osvdb.org/72195

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/47638

vdb-entryx_refsource_BID

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 7, 2011
Vulnerability Reserved
Apr 19, 2011