Hewlett-Packard Company Information for VU#575804

CDE libDtHelp vulnerable to buffer overflow via DTHELPUSERSEARCHPATH or DTHELPSEARCHPATH

Status

Affected

Vendor Statement

==============================================
Hewlett-Packard Company

SOURCE:  Hewlett-Packard Company
Software Security Response Team (SSRT)


Date:  November 4, 2003
CROSS REFERENCE ID:  SSRT3657


Hewlett Packard is currently investigating the potential
impact to HP released operating system software.


HP will provide notice of the availability of any necessary
patches through standard security bulletin announcements and
be available from your normal HP Services support channel.



To report any security issue for any HP software
products send email to  security-alert@hp.com

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see HPSBUX0311-297 / SSRT3657 for more information.

If you have feedback, comments, or additional information about this vulnerability, please send us email.