CVE-2008-3940

medium HPE
CVSS v3 Base Score
4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS Score
0.1%
Exploitation probability in 30 days
Top 76% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
P
Published: September 5, 2008 (6460 days ago)
Last Modified: April 23, 2026
Vendor: HPE
Source: NVD

Description

Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.

CWE

CWE-134

Affected Products

hp openvms

References

🔗 deathrow.vistech.net 🔗 secunia.com 🔗 www.securityfocus.com 🔗 www.vupen.com 🔗 exchange.xforce.ibmcloud.com