HP Power Manager 'formExportDataLogs' Buffer Overflow Remote Code Execution Vulnerability

HP Power Manager is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied data.

An attacker can exploit this issue to execute arbitrary code with SYSTEM privileges, resulting in a complete compromise of the affected computer. Failed exploit attempts will result in a denial-of-service condition.

NOTE: This BID initially referenced CVE-2009-4000. This issue is now described in BID 37873.

Versions prior to Power Manager 4.2.10 are affected.


Privacy Statement
Copyright 2010, SecurityFocus