- EPSS 4.18%
- Veröffentlicht 09.02.2011 01:00:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over...
- EPSS 82.01%
- Veröffentlicht 09.02.2011 01:00:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXEC_SETUP command that references a UNC share pathname.
- EPSS 89.89%
- Veröffentlicht 09.02.2011 01:00:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."
- EPSS 5.49%
- Veröffentlicht 09.02.2011 01:00:09
- Zuletzt bearbeitet 29.04.2026 01:13:23
The client in HP Data Protector does not verify the contents of files associated with the EXEC_CMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omni_chk_ds....