CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-4000

Directory traversal vulnerability in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to overwrite arbitrary files, and execute arbitrary code, via directory traversal sequences in the fileName parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.316

EPSS Ranking 96.6%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=126393370331959&w=2
http://marc.info/?l=bugtraq&m=126393370331959&w=2
http://secunia.com/advisories/37280
http://secunia.com/secunia_research/2009-48/
http://securitytracker.com/id?1023470
http://www.securityfocus.com/bid/37873
http://marc.info/?l=bugtraq&m=126393370331959&w=2
http://marc.info/?l=bugtraq&m=126393370331959&w=2
http://secunia.com/advisories/37280
http://secunia.com/secunia_research/2009-48/
http://securitytracker.com/id?1023470
http://www.securityfocus.com/bid/37873

Products affected by CVE-2009-4000

Hp » Power Manager » Version: Any

cpe:2.3:a:hp:power_manager:*
Hp » Power Manager » Version: 4.2.5

cpe:2.3:a:hp:power_manager:4.2.5
Hp » Power Manager » Version: 4.2.6

cpe:2.3:a:hp:power_manager:4.2.6
Hp » Power Manager » Version: 4.2.7

cpe:2.3:a:hp:power_manager:4.2.7
Hp » Power Manager » Version: 4.2.8

cpe:2.3:a:hp:power_manager:4.2.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4000

Products

Pricing

Contact Us