CVE-2007-4349

Severity

43%

Complexity

86%

Confidentiality

48%

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P).

Overview

Type

HP

First reported 16 years ago

2008-10-23 22:00:00

Last updated 6 years ago

2018-10-30 16:25:00

Affected Software

HP Performance Agent C.04.60

c.04.60

HP Performance Agent C.04.61

c.04.61

HP OpenView Reporter 3.70

3.70

HP Performance Agent 4.70

4.70

HP OpenView Reporter 3.8

3.8

References

HPSBMA02391

HPSBMA02390

27054

Vendor Advisory

http://secunia.com/secunia_research/2007-83/

Vendor Advisory

4501

20081022 Secunia Research: HP OpenView Products Shared Trace Service Denial of Service

31860

Patch

1021092

ADV-2008-2888

Vendor Advisory

ov-traceservice-rpc-dos(46028)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.