HP Power Manager 'formExportDataLogs' Buffer Overflow Remote Code Execution Vulnerability
HP Power Manager is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied data.
An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges, resulting in a complete compromise of the affected computer. Failed exploit attempts will result in a denial-of-service condition.
NOTE: This BID initially referenced CVE-2009-4000. This issue is now described in BID 37873.
Versions prior to Power Manager 4.2.10 are affected.