CVSS: 7.8EPSS: 96%CPEs: 10EXPL: 0CVE-2010-3008 – Hewlett-Packard Data Protector Express PrvRecvRqu Remote Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2010-3008
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007. Vulnerabilidad no especificada en HP Data Protector Express y en Data Protector Express Single Server Edition (SSE) v3.x, antes de build56936 y v4.x antes de build56906 en Windows permite a usuarios locales obtener privilegios de administración o causar una denegación de servicio a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a CVE-2010-3007. This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function PrvRecvRqu() defined in the module dpwinsup. • http://marc.info/?l=bugtraq&m=128404562909349&w=2 •
CVSS: 10.0EPSS: 76%CPEs: 10EXPL: 1CVE-2010-3007 – Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3007
Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors. Vulnerabilidad no especificada en HP Data Protector Express y Data Protector Express Single Server Edition (SSE), v3.x anterior a build 56936 y v4.x anterior a build 56906 permite a usuarios locales conseguir privilegios o causar una denegación de servicio a través de vectores desconocidos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function DtbClsLogin defined in the module dpwindtb.dll on Windows and libdplindtb.so on Linux. This function takes user supplied input and copies it directly to a stack buffer. • https://www.exploit-db.com/exploits/23290 http://www13.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02498535 •