1. CVE-Search
  2. CVE-2007-4349
ID CVE-2007-4349
Summary The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.
References
Vulnerable Configurations
  • cpe:2.3:a:hp:openview_performance_agent:c.04.60:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_performance_agent:c.04.60:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:openview_performance_agent:c.04.61:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_performance_agent:c.04.61:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:openview_reporter:3.70:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_reporter:3.70:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:performance_agent:4.70:*:*:*:*:*:*:*
    cpe:2.3:a:hp:performance_agent:4.70:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:reporter:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:hp:reporter:3.8:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 30-10-2018 - 16:25)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
refmap via4
bid 31860
bugtraq 20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service
hp
  • HPSBMA02390
  • HPSBMA02391
  • SSRT071481
misc http://secunia.com/secunia_research/2007-83/
sectrack 1021092
secunia 27054
sreason 4501
vupen ADV-2008-2888
xf ov-traceservice-rpc-dos(46028)
Last major update 30-10-2018 - 16:25
Published 23-10-2008 - 22:00
Last modified 30-10-2018 - 16:25
Back to Top