CVE-2007-4349

high

Description

The Shared Trace Service (aka OVTrace) in HP Performance Agent C.04.70 (aka 4.70), HP OpenView Performance Agent C.04.60 and C.04.61, HP Reporter 3.8, and HP OpenView Reporter 3.7 (aka Report 3.70) allows remote attackers to cause a denial of service via an unspecified series of RPC requests (aka Trace Event Messages) that triggers an out-of-bounds memory access, related to an erroneous object reference.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46028

http://www.vupen.com/english/advisories/2008/2888

http://www.securitytracker.com/id?1021092

http://www.securityfocus.com/bid/31860

http://www.securityfocus.com/archive/1/497648/100/0/threaded

http://securityreason.com/securityalert/4501

http://secunia.com/secunia_research/2007-83/

http://secunia.com/advisories/27054

http://marc.info/?l=bugtraq&m=122876827120961&w=2

http://marc.info/?l=bugtraq&m=122876677518654&w=2

Details

Source: Mitre, NVD

Published: 2008-10-23

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High