cpe:/a:hp:openvms:5 CVE-2008-3940 2008-09-05T11:08:00.000-04:00 2017-08-07T21:32:17.200-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-09-05T12:26:00.000-04:00 ALLOWS_OTHER_ACCESS BID 30948 SECUNIA 31587 VUPEN ADV-2008-2463 XF hp-tcpipservices-openvms-code-execution(44752) MISC http://deathrow.vistech.net/DEFCON16/VMS.PDF Format string vulnerability in the finger client in HP TCP/IP Services for OpenVMS 5.x allows local users to gain privileges via format string specifiers in a (1) .plan or (2) .project file.