CVE-2010-1971

Description

Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before 6.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors, a different vulnerability than CVE-2010-1968.

Affected products

HP / insight_software_installer3.00 – 3.00
HP / insight_software_installer6.0
HP / insight_software_installer3.10 – 3.10

References

VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2010/1792
MISChttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388
MISChttp://securitytracker.com/id?1024186
VENDOR_ADVISORYhttp://secunia.com/advisories/40553
MISChttp://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02282388