CVE-2011-0923

The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code…

mitre·CWE-20·Published 2011-02-09

CVSS

—

EPSS

0.81

KEV

Exploits

cve.orgen

200 chars

The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."

NVDen

200 chars

NVDes

213 chars

El cliente de HP Data Protector no valida correctamente los argumentos de EXEC_CMD, que permite a atacantes remotos ejecutar código Perl a través de un comando manipulado, relacionado con el "directorio local bin"

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	10.0	10.0	10.0	AV:N/AC:L/Au:N/C:C/I:C/A:C