CVE-2009-3999

Description

Stack-based buffer overflow in goform/formExportDataLogs in HP Power Manager before 4.2.10 allows remote attackers to execute arbitrary code via a long fileName parameter.

Affected products

• HP / power_manager4.2.9
• HP / power_manager4.2.5 – 4.2.5
• HP / power_manager4.2.6 – 4.2.6

References

• MISChttp://secunia.com/secunia_research/2009-47/
• MISChttp://securityreason.com/securityalert/8482
• VENDOR_ADVISORYhttp://secunia.com/advisories/37280
• MAILING_LISThttp://marc.info/?l=bugtraq&m=126393370331959&w=2
• MISChttp://securitytracker.com/id?1023470
• MAILING_LISThttp://marc.info/?l=bugtraq&m=126393370331959&w=2
• MISChttp://www.securityfocus.com/bid/37867