Vulnerabilities > HP > Data Protector
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-02-09 | CVE-2011-0923 | Improper Input Validation vulnerability in HP Data Protector The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory." | 10.0 |
2011-02-09 | CVE-2011-0922 | Improper Input Validation vulnerability in HP Data Protector The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname. | 10.0 |
2011-02-09 | CVE-2011-0921 | Improper Input Validation vulnerability in HP Data Protector crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username. | 10.0 |