Vulnerabilities > CVE-2010-3008 - Unspecified vulnerability in HP Data Protector Express 3.1/3.5/4.0

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

nessus

NVD

Published: 2010-09-13

Updated: 2019-10-09

Summary

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.

Vulnerable Configurations

Part	Description	Count
Application	Hp HP Data Protector Express 3.1 HP Data Protector Express 3.5 HP Data Protector Express 4.0	10

Nessus

NASL family	Windows
NASL id	HP_DATA_PROTECTOR_EXP_MULTIPLE.NASL
description	HP Data Protector Express is installed on the remote host. The installed version of the software is affected by multiple remote vulnerabilities including a buffer overflow and a NULL pointer deference. An attacker could leverage these vulnerabilities to execute remote code or cause a denial of service attack on the affected host.
last seen	2020-06-01
modified	2020-06-02
plugin id	49645
published	2010-09-22
reporter	This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/49645
title	HP Data Protector Express < 4.x build 56906 / 3.x build 56936 Multiple Vulnerabilities

References

http://marc.info/?l=bugtraq&m=128404562909349&w=2