Lucene search
SAINT CorporationSAINT:A295B7037894474A20A85F2581F648CCHistoryOct 07, 2010 - 12:00 a.m.
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-0700:00:00
SAINT Corporation
download.saintcorporation.com
20
0.922 High
EPSS
Percentile
99.0%
Added: 10/07/2010
CVE: CVE-2010-3007
BID: 43105
OSVDB: 67973
Background
HP Data Protector Express is a backup and recovery solution for single machines and small networks.
Problem
A buffer overflow vulnerability in dpwindtb.dll in the DtbClsLogin function allows remote attackers to execute arbitrary commands.
Resolution
Apply the patch referenced in HP Security Bulletin HPSBMA02576 SSRT090231.
References
<http://www.zerodayinitiative.com/advisories/ZDI-10-174/>
Limitations
Exploit works on HP Data Protector Express 3.5 Build 37634.
Platforms
Windows
Related
packetstorm
packetstorm
HP Data Protector DtbClsLogin Buffer Overflow
2012-12-12 00:00:00
cvelist
cvelist
CVE-2010-3007
2022-10-03 16:20:55
CVE-2010-3008
2022-10-03 16:20:54
saint
saint
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
HP Data Protector Express DtbClsLogin function buffer overflow
2010-10-07 00:00:00
prion
prion
Code injection
2010-09-09 22:00:00
Code injection
2010-09-13 21:00:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
HP Data Protector Express DtbClsLogin Stack Buffer Overflow (CVE-2010-3007)
2010-10-05 00:00:00
nvd
nvd
CVE-2010-3007
2010-09-09 22:00:02
CVE-2010-3008
2010-09-13 21:00:28
securityvulns
securityvulns
ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability
2010-09-17 00:00:00
HP Data Protector Express privilege escalation
2010-09-17 00:00:00
cve
cve
CVE-2010-3007
2022-10-03 16:20:55
CVE-2010-3008
2022-10-03 16:20:54
nessus
nessus